Part 1: Gather SSO details

“Service Provider” refers to any application (i.e. ZenGRC) that requests authentication from a central “Identity Provider”, or “IdP”.

This section provides instructions for accessing information in ZenGRC that your IdP will use to identify ZenGRC as a trusted service provider.

This part of the process must be performed by a ZenGRC Administrator.

Note: Some IdPs, such as ADFS, use the term “Relying Party” in place of “Service Provider”

Go to Part 1: Gather SSO details →

Part 2: Exchange SSO details

This section provides instructions for entering information about ZenGRC, obtained in the previous step, into your organization’s IdP.

This step must be performed by a user with administrative access to your organization’s IdP platform (or more specifically, a user with permission to create and manage “service provider” applications in your IdP platform).

This part of the process results in the generation of additional artifacts that your IdP administrator will then need to share with your ZenGRC administrator, who will use that information to apply further changes in ZenGRC.

Go to Part 2: Exchange SSO details →

Part 3: Enter SSO details

In order to finalize the “handshake” between ZenGRC and your IdP, a ZenGRC administrator must enter the information generated by your IdP administrator into ZenGRC.

Go to Part 3: Enter SSO Details →

Part 4: Enable SSO

The last step is turning on the SAML/SSO login option for ZenGRC users and determining which other login options you want to expose.

Go to Part 4: Enable SSO →