SAML

Ingrid

Security Assertion Markup Language (SAML) is an XML-based framework developed by the Organization for the Advancement of Structured Information Standards. It is used to exchange secure data between different services, such as authentication and authorization information.

Navigation Options

Go to Settings ➔ SAML.

- SPM App: SAML
- CM App: SAML
- Insurance App: SAML

About Bitsight SAML

We support single sign-on (SSO) with SAML v2.0 using the POST binding. See the supported identity providers (IdP).

Once SAML is enabled:

- Previous login credentials (including Admin) are invalidated after the first successful login.
- New users can be auto-provisioned with the “Auto provision users” toggle on the SAML page. With this setting:
  - Enabled = New users are provisioned in the Bitsight platform when they first log in via SSO. They are automatically assigned a User role and are placed in the default Access Control Group. The default is initially the “All Companies” group. The All Companies group provides access to your entire portfolio.
  - Disabled = Admin will need to manually add or edit users.
- If you’re configuring multiple providers, the “Auto provision users” option must be disabled.

Use the Access Control page to manage users and groups:

- The default group can be configured from the Groups tab.
- A user’s group can be changed from the Users tab.
- To give a user “Admin” privileges, that user will need to first log in to the Bitsight platform using SAML, and then you (an Admin) can change their user permissions from the Users tab.

Alternatively, user roles and user groups can be managed and enforced directly through the Identity Provider (IdP) configuration. By mapping the corresponding SAML attributes (documented in the Optional SAML 2.0 Attributes section of the SAML Setup guide), the IdP becomes the authoritative source for user permissions.
These IdP-side configurations will override manual settings within the Access Control page, ensuring that access levels are strictly maintained and enforced based on the central directory’s security policies.

SAML Guides

- Configuring 2-Factor Authentication
- Disabling SAML
- Replacing and Updating Your SAML Certificate
- Single Sign-On Setup Using SAML
- Setting a Custom Login URL (Optional)

- August 2, 2022: Separated sections to their own pages.
- November 16, 2021: Added navigational instructions for the Continuous Monitoring application.
- October 13, 2021: Added navigation instructions to the SAML page.
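
One way to confirm, before relying on IdP-managed roles and groups as described above, that the IdP's POST-binding response actually carries the mapped attributes. This is an added example, not Bitsight code; the attribute names `example_role` and `example_group`, the sample user and the sample response are constructed placeholders (the real attribute names are listed in the SAML Setup guide).

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample response. "example_role" and "example_group" are
# placeholder attribute names, not the names the platform expects.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Subject><saml:NameID>alice@example.com</saml:NameID></saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="example_role"><saml:AttributeValue>User</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="example_group"><saml:AttributeValue>All Companies</saml:AttributeValue></saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_POST_VALUE = base64.b64encode(SAMPLE_XML.encode()).decode()


def inspect_saml_response(post_value):
    """Decode a POST-binding SAMLResponse form value; return (NameID, attributes)."""
    # Inspection only: this does not validate the signature or any conditions.
    xml_bytes = base64.b64decode("".join(post_value.split()), validate=True)
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD/entity declarations are not expected in SAML")
    root = ET.fromstring(xml_bytes)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("not a SAML 2.0 Response")
    assertions = root.findall("saml:Assertion", NS)
    if len(assertions) != 1:
        raise ValueError("expected one unencrypted Assertion, found %d" % len(assertions))
    name_id = assertions[0].findtext("saml:Subject/saml:NameID", namespaces=NS)
    attrs = {}
    for attr in assertions[0].iterfind("saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return name_id, attrs


def missing_attributes(attrs, expected):
    """Return the expected attribute names that are absent or have no value."""
    return sorted(name for name in expected if not any(attrs.get(name, [])))
```

The input is the `SAMLResponse` form field captured from a test login in the browser's developer tools.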