Single Sign-On configuration
Invicti Platform supports Single Sign-On (SSO) via Security Assertion Markup Language (SAML), allowing users to access multiple applications with a single login. An Identity Provider (IdP) centralizes user and application management, eliminating the need to handle individual credentials for each service. Invicti supports both IdP- and Service Provider (SP)-initiated SAML authentication.
This document explains how to enable SSO in Invicti Platform.
Enabling SSO in Invicti does not automatically provision users; they must be added manually. SSO integration simplifies access across applications but requires user setup in Invicti Platform. For more information, refer to the Create user document.
You must also configure the integration on your SSO provider. For detailed instructions, refer to your SSO provider's documentation below:
- Active Directory Federation Service
- Entra ID (formerly Azure Active Directory)
- Okta
- GeneralSAMLv2
- OneLoginSecure
- PingIdentity
How to configure Single Sign-On settings
To access the SSO configuration you need to be an Owner of the organization or have a custom role with System rights. Enabling SSO makes it mandatory for the whole organization, unless a user is exempted.
- Select Settings from the left-side menu.
- Choose the Security & Access Control > SSO tab.
- Turn on the Enable SSO toggle.
- Select your SSO provider from the SSO Provider dropdown list.
- Copy the required information from the SAML 2.0 Service URL and Identifier fields and enter it into your SSO provider configuration.
- Enter the required information into the SAML 2.0 Endpoint, IdP Identifier, and X.509 Certificate fields.
- Select the checkboxes for signed assertions, encrypted assertions, or sign requests as needed.
- If you enable any assertions or requests, a new section appears in which you do one of the following:
  - Select Generate a new certificate for me; OR
  - Select I have an existing certificate, then upload your certificate and enter the Certificate Password.
- From the SSO Exemptions dropdown, select specific users to exempt them from SSO. The selected users can then log in to Invicti Platform using a password. The Owner is always exempted, while all other users are forced to use SSO when it's enabled.
- Select Save to save your settings.