Set Up SAML Logout

SAML Logout
The SAML provider is a third-party user authentication provider that helps manage users. When you log in, the provider checks whether you are a valid user. If you are authenticated, the provider assigns you a session ID that is valid for a period of time. The next time you log in, you do not need a password because the session from the previous login is still valid, even if you logged out of Cortex XSOAR. If you log out via SAML, the provider invalidates the session, and the next time you log in to the system you need to enter a password.
To set up SAML logout, you need to create a SAML integration with a public/private key pair. You can:
  • Use a self-signed certificate.
  • Purchase a certificate from a third-party authority.
  1. (Optional) To use a self-signed certificate:
    1. Create the public/private key pair by running the following command:
      openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
      The following two files are created:
      • certificate.crt - Public key
      • privateKey.key - Private key (encrypted)
    2. For the Cortex XSOAR SAML integration, the private key needs to be unencrypted. Run the following command:
      openssl rsa -in privateKey.key -out private_unencrypted.key -outform PEM
      The following file is created:
      • private_unencrypted.key - Private key (unencrypted)
  2. Go to Servers & Services.
  3. Search for SAML 2.0.
  4. Click Add instance to configure a new integration.
  5. In the Service Provider Entity ID field, enter the Cortex XSOAR SAML address.
  6. Click the Sign request and verify response signature
  7. From your identity provider, copy the content of the public certificate file and paste it into the IdP public certificate field of the Cortex XSOAR SAML instance.
  8. Copy the content of your file and paste it into the IdP private key
  9. In your identity provider application:
    1. Select the Enable Single Logout option (if applicable).
    2. In the Signature certificate field, upload the
    3. Copy the IdP Single Logout URL.
  10. In the IdP Single Logout URL field of the SAML instance, paste the IdP Single Logout URL that you copied in the previous step.
  11. In the Single Logout Service Endpoint field, type the Cortex XSOAR SAML logout address.
  12. Click
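
The script below is an added example, not part of the Cortex XSOAR documentation. It checks the files produced in step 1 before any key material is pasted into the SAML instance: the private key must be unencrypted PEM and must pair with certificate.crt. It assumes openssl is installed; the function names and the script name are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks for the key pair generated in step 1.
# Assumes openssl is installed; function names here are hypothetical.

# Classify a PEM private key from its header lines only (no openssl needed).
# Prints one of: encrypted | unencrypted | unknown
key_encryption_state() {
  local key="$1"
  if grep -q -e '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$key" 2>/dev/null ||
     grep -q '^Proc-Type: 4,ENCRYPTED' "$key" 2>/dev/null; then
    echo encrypted
  elif grep -q -E -e '-----BEGIN (RSA )?PRIVATE KEY-----' "$key" 2>/dev/null; then
    echo unencrypted
  else
    echo unknown
  fi
}

# Succeeds when the certificate's public key equals the public half of the
# private key. Returns 2 when either file cannot be parsed.
key_matches_cert() {
  local key="$1" cert="$2" from_key from_cert
  # -passin pass: keeps openssl from prompting if the key is encrypted
  from_key=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) || return 2
  from_cert=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 2
  [ "$from_key" = "$from_cert" ]
}

# Run both checks, then restrict the key file to its owner.
check_saml_keypair() {
  local key="$1" cert="$2" state
  state=$(key_encryption_state "$key")
  [ "$state" = unencrypted ] || { echo "FAIL: $key is $state" >&2; return 1; }
  key_matches_cert "$key" "$cert" ||
    { echo "FAIL: $key does not pair with $cert (or a file could not be parsed)" >&2; return 1; }
  chmod 600 "$key"   # the key is stored in the clear, so limit who can read it
  echo "OK: $key is unencrypted PEM and pairs with $cert"
}

# Run as: ./check_keypair.sh private_unencrypted.key certificate.crt
if [ "$#" -eq 2 ]; then check_saml_keypair "$1" "$2"; fi
```

A mismatch between the private key and the certificate typically shows up later as a signature validation failure at the identity provider, so it is cheaper to catch here.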

