SSO Setup Overview
Overview
Regardless of your specific IdP, there are four high-level parts to the process of setting up SAML/SSO for ZenGRC, and this documentation is organized accordingly.
On this page
Part 1: Gather SSO details
Gathering ZenGRC Service Provider Details
“Service Provider” refers to any application (i.e. ZenGRC) that requests authentication from a central “Identity Provider”, or “IdP”.
This section provides instructions for accessing information in ZenGRC that your IdP will use to identify ZenGRC as a trusted service provider.
This part of the process must be performed by a ZenGRC Administrator.
Note: Some IdPs, such as ADFS, use the term “Relying Party” in place of “Service Provider”
Go to Part 1: Gather SSO details →
Part 2: Exchange SSO details
Entering ZenGRC Service Provider Details into Your IdP and Gathering IdP Details for your ZenGRC Admin
This section provides instructions for entering information about ZenGRC, obtained in the previous step, into your organization’s IdP.
This step must be performed by a user with administrative access to your organization’s IdP platform (or more specifically, a user with permission to create and manage “service provider” applications in your IdP platform).
This part of the process results in the generation of additional artifacts that your IdP administrator will then need to share with your ZenGRC administrator, who will use that information to apply further changes in ZenGRC.
Go to Part 2: Exchange SSO details →
Part 3: Enter SSO details
Entering IdP Details into ZenGRC
In order to finalize the “handshake” between ZenGRC and your IdP, a ZenGRC administrator must enter the information generated by your IdP administrator into ZenGRC.
Go to Part 3: Enter SSO Details →
Part 4: Enable SSO
The last step is turning on the SAML/SSO login option for ZenGRC users and determining which other login options you want to expose.
© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com