Disabling Admin Console Single Sign-on?

  • 2 December 2021
  • 0 replies
  • 11 views

Userlevel 3
Badge +13
  • Netskope Employee
  • 8 replies

Netskope Admin Console can be tied with your Identity Provider (IDP) such as Okta or Azure. It's just a few checkboxes that you would normally enable on Netskope tenant to allow users on IDP to login to Netskope using admin-role attribute for the Role Based Access Control.

 

There are just a few checkboxes and strings you add to the Netskope tenant. Most configuration is done on the IDP. Okta and Azure have an app published for this purposed called "Netskope Admin Console".  Once SSO is enabled users assigned to this app can login by going to your Netskope tenant URL (SP initiated flow) or by going to the IDP and launching Netskope app from there (called IDP initiated flow).

 

While turning this off you would normally uncheck the "Enable SSO" checkbox on Netskope tenant. Just wanted to make you aware that this will turn off the SP initiated flow i.e. Netskope will not redirect you to the IDP. But the users on the IDP may still be able to launch the app and login using IDP initiated flow.

 

To turn it off completely disable the app on your IDP or un-assign users from the app. This will prevent users from launching the app to gain access to Netskope Tenant and completely shut down IDP or SP initiated access to the Netskope tenant.  Only the local users in your Netskope tenant can then login to the tenant.


0 replies

Be the first to reply!

Reply