Skip to main content

Configure single sign-on with OneView

Single sign-on (SSO) is a method for authenticating user access to multiple applications using a single set of login credentials. This article provides an overview of OneView SSO and how to configure this option. For details on using SSO across your users, see Single sign-on scenarios with Malwarebytes OneView.

Enable Single Sign-On

  1. Log in to Malwarebytes OneView
  2. On the left navigation menu, click Configure > Users
  3. Click the Single Sign-On tab.
  4. Toggle on Enable Single Sign-On (SSO).
    • Toggle on Just-In-Time (JIT) Provisioning to automatically create a OneView user profile when a user logs in for the first time.
      • Select a default role to assign to users created through JIT provisioning. 
    • Toggle on Require SSO for certain roles to enforce SSO for selected user roles.
      • Note: This setting is ignored for users with MFA enabled.
  5. Click Save

Link your single-sign on tool to Malwarebytes

For single sign-on to work, connect Malwarebytes OneView to your Identity Provider (IDP). Email addresses in the IDP need to have the same case as their existing OneView emails.

  1. From your IDP, generate the Metadata URL or XML file. Refer to the following under the OneView Service Provider Details:
    • Service Provider Entity ID: The unique entity ID of Malwarebytes OneView as a Service Provider.
    • Assertion Consumer Service URL: The IDP redirects the authentication response to this URL.
    • Additional Reply URL: Some IDPs require an additional whitelisted reply URL to receive the SAML response.
      https://ipi-intg-partner-portal-prod.auth.us-east-1.amazoncognito.com/saml2/idpresponse
    • SAML assertion attributes:
      SAML attribute name Value
      http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress User Email
      http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname User First Name
      http://schemas.xmlsoap.org/ws/2005/05/identity/claims/familyname User Last Name
  2. Under Identity Provider (IDP) Metadata, enter the Metadata URL or select Metadata XML to upload the XML file.
  3. Click Save.

If you are locked out of your OneView console due to improper SSO configuration, contact support.

 

Return to the Malwarebytes OneView User Guide 

Related articles