Overview
In addition to Microsoft Entra ID, Okta, Google, and Onelogin, Zilla supports SAML Single Sign-on with any Identity Provider (IDP). If Zilla can obtain the required information from that IDP and ensure certain values are passed in the SAML assertion, your organization can configure the IDP for SSO and use it to log in to your Zilla Security tenant.
Scope: Admins
This article covers the following topics:
Prerequisites
Admin account with Zilla Security
SSO has not been configured or SSO configuration has been deleted in admin settings
You must be logged into your IDP admin account
Zilla SAML Provider Setup
Log in as a Zilla admin and click on the Settings tab on the left side of the page. On the Discovery & Configuration tab, expand the Single Sign-On Provider dropdown and click Configure.
Select SAML and then click Configure.
A Configure SAML window will appear.
Copy the Zilla ACS URL and Zilla Entity ID to your clipboard.
IDP App Setup
1. In the app connector you have created in your IDP, paste the Zilla ACS URL and Zilla Entity ID (sometimes called the SP Entity ID) into their respective fields.
2. If your IDP requires an Audience, use the Zilla Entity ID value.
3. For the ACS URL Validator field, use the following value: ^https:\/\/app\.zillasecurity\.com\/$ and save your configuration.
For security reasons, please ensure you use the exact value above. Using .* as an ACS Validator is not suited for production use in any application.
4. Look for the following values in the IDP app connector and paste them into the corresponding field in Zilla:
SSO URL (sometimes called the SAML endpoint or Sign-in URL)
Entity ID (sometimes called Issuer)
5. Zilla expects the exact values listed below in a SAML assertion. Add 3 custom attributes to your app connector for:
email
firstName
lastName
6. In your IDP, find the X.509 Certificate you plan to use for this integration and copy its contents to your clipboard. Paste the value into the Zilla IDP X.509 Certificate field.
Important: When pasting this certificate into the Zilla IDP X.509 Certificate field, remember to remove -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- from the pasted value.
Click Validate in the Zilla SSO Configuration window. The test should be successful if the admin testing the configuration has been assigned to the Zilla connector in your IDP correctly.
Any reviewers, technical owners, or app owners can now log in to Zilla to see the apps and reviews they have been assigned using SSO.
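As an added example (not Zilla's code and not part of the original article), the lint below shows why the exact ACS URL Validator value from the IDP App Setup steps matters: it runs a candidate pattern against the expected URL and against constructed URLs that a correct validator must reject. The function name, the probe URLs, and the assumption that the IDP applies the pattern with search semantics are illustrative.

```python
import re

# The validator value given in the IDP App Setup steps above.
PAGE_PATTERN = r"^https:\/\/app\.zillasecurity\.com\/$"
EXPECTED_URL = "https://app.zillasecurity.com/"  # the only URL that pattern admits

# Constructed probe URLs (example.net is a reserved documentation domain).
# Each is a value a correctly scoped validator has to reject.
PROBES = {
    "scheme downgrade": "http://app.zillasecurity.com/",
    "extra path": "https://app.zillasecurity.com/other",
    "host used as prefix": "https://app.zillasecurity.com.example.net/",
    "unescaped dot": "https://appXzillasecurity.com/",
    "expected URL in query": "https://example.net/?r=https://app.zillasecurity.com/",
}


def lint_acs_validator(pattern, expected=EXPECTED_URL, probes=PROBES):
    """Return a list of findings; an empty list means the pattern is exact.

    Assumption: the IDP applies the pattern with "search" semantics, so a
    pattern without ^ and $ can match anywhere in the URL. That is the
    weakest behaviour an IDP could have, which makes the lint conservative.
    """
    try:
        rx = re.compile(pattern)
    except re.error as exc:
        return [f"pattern does not compile: {exc}"]
    findings = []
    if not rx.search(expected):
        findings.append(f"rejects the expected ACS URL {expected}")
    for label, url in probes.items():
        if rx.search(url):
            findings.append(f"accepts {url} ({label})")
    return findings


if __name__ == "__main__":
    for candidate in (PAGE_PATTERN, r".*", r"https://app.zillasecurity.com/"):
        findings = lint_acs_validator(candidate)
        print(candidate, "->", "OK" if not findings else "")
        for finding in findings:
            print("   ", finding)
```

Run it against whatever value is currently saved in the IDP connector; any finding means the validator is broader than the single Zilla ACS URL.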
When you have completed the steps above, review the information that was synced in Zilla. If you encounter any issues, please refer to our troubleshooting articles or visit support.zillasecurity.com and submit a ticket. Our support team will assist you in resolving the problem as quickly as possible.