Set Up MS Azure as the Identity Provider Using SAML 2.0

Set up Microsoft Azure as the SAML 2.0 identity provider for Cortex XSOAR users.
You can authenticate your Cortex XSOAR users using SAML 2.0 authentication and Microsoft Azure (Azure) as the identity provider. To set up Azure, you need to do the following:

Troubleshooting (generic - known errors)

The following are known issues when using single sign-on in Azure:
  • Method Not Allowed: Ensure that the Service Provider Entity ID and the Reply URL, on both the IdP and the service provider, use the endpoint in the format https://demisto-dns/saml.
  • "{"id":"errSAMLLogin","status":400,"title":"Failed to login via SAML","detail":"Failed to login via SAML","error":"","encrypted":false,"multires":null}": Most likely an attribute mapping issue. Ensure that every attribute that appears in the Cortex XSOAR SAML 2.0 configuration is reflected in the Azure claims and the associated SAML assertion. Attribute names are case sensitive.
    You may also receive this message if you select the Don’t map SAML groups to Demisto Roles checkbox and do not define a role in Default role (for IdP users without groups) in the SAML 2.0 configuration.
  • After connecting through SSO, a user may temporarily see the home screen but is immediately returned to the login page. The user does not have any group assigned and therefore cannot log in.
    Check the group mapping and see whether the attribute is correct. As a workaround, if you did not set the group mapping, you can use the Default role (for IdP users without groups) in the SAML 2.0 configuration.
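
The attribute-mapping and role checks described above can be run offline against a decoded assertion. This is an added example, not Cortex XSOAR or Azure code; the field names (email, username), the groups attribute name memberOf, the role name Analyst and the sample assertion are constructed assumptions.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed sample (not from a real tenant): the IdP sends "Email", capitalised,
# and no groups attribute at all.
SAMPLE_ASSERTION = f"""<saml:Assertion xmlns:saml="{SAML_NS}">
  <saml:AttributeStatement>
    <saml:Attribute Name="Email">
      <saml:AttributeValue>analyst@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="username">
      <saml:AttributeValue>analyst</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def assertion_attributes(xml_text):
    """Return {attribute Name: [values]} from a decoded SAML assertion."""
    # For assertions from an untrusted source, parse with defusedxml instead.
    root = ET.fromstring(xml_text)
    attrs = {}
    for attr in root.iter(f"{{{SAML_NS}}}Attribute"):
        values = [v.text or "" for v in attr.iter(f"{{{SAML_NS}}}AttributeValue")]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def check_mapping(xml_text, mapping, groups_attr, map_groups=True, default_role=None):
    """mapping: {hypothetical SP config field: attribute name it expects}."""
    attrs = assertion_attributes(xml_text)
    by_lower = {name.lower(): name for name in attrs}
    findings = []
    for field, expected in mapping.items():
        if expected in attrs:            # exact, case-sensitive match
            continue
        near = by_lower.get(expected.lower())
        if near:
            findings.append(f"{field}: configured '{expected}', assertion has '{near}' (case)")
        else:
            findings.append(f"{field}: '{expected}' missing from assertion")
    # A user ends up without a role when group mapping is disabled or yields
    # no values, and no default role is defined.
    has_groups = map_groups and any(attrs.get(groups_attr, []))
    if not has_groups and not default_role:
        findings.append("role: no groups mapped and no default role defined")
    return findings
```
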
