
Carbon Black Cloud: How to Enable SAML Integration in the console


Environment

  • Carbon Black Cloud Console: All Versions

Objective

To enable SAML integration in the VMware Carbon Black Cloud Console

Resolution

  1. Log in to the Carbon Black Cloud console
  2. Open a second browser tab or new window, launch a second instance of the Web Console, and go to Settings > Users
    • This is useful if something is misconfigured and login using SAML fails after the initial setup. To revert, go back to the second instance and disable SAML
  3. Go to Settings > Users
  4. SAML is disabled by default
  5. Click "Enabled" to display the SAML Configuration screen
  6. Copy the Single Sign-On URL from your identity provider (IdP) into the 'Single sign-on URL (HTTP-Redirect Binding)' field
  7. Copy the X509 certificate from the IdP
  8. Paste it into a text editor and remove carriage returns and spaces so that the X509 cert displays as one line
  9. Copy the X509 cert into the 'X509 certificate' field
  10. Click Save
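
Steps 7 to 9 can be scripted instead of done by hand in a text editor. The following is an added example, not part of the original article or of VMware's tooling: it collapses a pasted certificate to one line, rejects a truncated or mangled copy, and prints a SHA-256 fingerprint to compare against the one your IdP shows. It assumes the BEGIN/END CERTIFICATE lines, if present, are not wanted in the field (the article does not say); the function names and sample data are constructed for illustration.

```python
import base64
import binascii
import hashlib
import re

ARMOR = re.compile(r"-----(?:BEGIN|END) CERTIFICATE-----")


def flatten_certificate(pasted: str) -> str:
    """Return the certificate's base64 body as a single line without whitespace."""
    body = re.sub(r"\s+", "", ARMOR.sub("", pasted))
    if not body:
        raise ValueError("no certificate data found")
    try:
        der = base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"not valid base64 (truncated or mangled copy?): {exc}") from exc
    # A DER-encoded certificate is an ASN.1 SEQUENCE, so its first byte is 0x30.
    if not der.startswith(b"\x30"):
        raise ValueError("decoded data does not look like a DER certificate")
    return body


def sha256_fingerprint(one_line: str) -> str:
    """SHA-256 of the DER bytes, colon-separated, to compare with the IdP's value."""
    digest = hashlib.sha256(base64.b64decode(one_line, validate=True)).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


# Constructed sample: 68 placeholder bytes shaped like DER, NOT a real certificate.
SAMPLE_DER = bytes([0x30, 0x42]) + bytes(range(66))
_B64 = base64.b64encode(SAMPLE_DER).decode()
# Simulate an IdP copy: PEM armor, CRLF line endings, indented 64-character lines.
SAMPLE_PASTE = (
    "-----BEGIN CERTIFICATE-----\r\n"
    + "".join(f"  {_B64[i:i + 64]}\r\n" for i in range(0, len(_B64), 64))
    + "-----END CERTIFICATE-----\r\n"
)

if __name__ == "__main__":
    one_line = flatten_certificate(SAMPLE_PASTE)
    print(one_line)
    print("SHA-256:", sha256_fingerprint(one_line))
```

Checking the fingerprint against the IdP before clicking Save confirms that the value being pasted is the signing certificate you intended to trust.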

Additional Notes

  • Once your organization has enabled SAML, administrators will no longer be able to log in with their email address and password.
  • After configuring SAML, all administrators in your organization will be required to log in with your chosen identity provider.
  • If you are unable to log in after enabling SAML, contact support to disable it for your organization.
  • For Okta, an Attribute Statement needs to be added (called out in the User Guide) to map between "mail" and "user.email"
    From the User Guide:
    Set the Attribute Statement as "Name=mail", "Name format=Basic", and "Value=user.email"

Article Information
Creation Date: 07-18-2016