Support
Invicti Enterprise Settings

Single Sign-On Settings

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

Invicti Enterprise supports Single Sign-On (SSO) to enable users to move easily between websites/applications. Single Sign-On is a centralized login system that helps you access many websites or web applications with a single authenticated user account. You may, for example, need a system that allows users who are already logged in on one of your websites, to log in on your other websites at the same time (one may be a blog and the other a shop).

  • Disabling both Enable and Enforce to authenticate only with single sign-on means only the regular username and password of Invicti Enterprise can be used
  • Enabling Enable, but not Enforce to authenticate only with single sign-on, means both SSO and the regular username and password can be used
  • Enabling Enable and Enforce to authenticate only with single sign-on means that only SSO can be used

For detailed instructions for each system, see SAML Authentication Services.

How to Configure Single Sign-On Settings
  1. From the main menu, click Settings, then Single Sign-On.
  2. Enable the Enable checkbox.

  1. Enable the Enforce to authenticate only with single sign-on checkbox, if you want to disable logging in via regular username and password to Invicti Enterprise.
  2. Select the tab of the relevant system, and complete the instructions. Links to detailed instructions for each system are available in Invicti and Single Sign-On Support.
  3. Enable the Enable Auto Provisioning checkbox, if you want your registered users on the IdP to be automatically created when they first access Invicti Enterprise.
  4. Enable the Require SAML assertions to be encrypted, if you want third parties prevented from reading private data from the SAML assertions.
  5. Enable the Use Alternate Login Email to allow users to use alternative email for single sign-on.
  6. Click Save Changes.