Note: In 11.4 or later, Single Sign-On (SSO) authentication can be used to access the UI; however, only one Active Directory is supported. This feature is supported on the Analyst UI deployment in 11.4.1 and later.
Single Sign-On authentication enables the user to log in to NetWitness Platform or any other application if the user is authenticated by the same Identity Provider (IDP). The Active Directory Federation Services (ADFS) is the only supported IDP and the protocol used for SSO is SAML 2.0.
NetWitness Platform Single Sign-On Authentication Workflow
The workflow of SSO authentication shows the following:
- User tries to access the NetWitness Platform UI using the web browser. For example, https://nw-host/login.
- The user is prompted to login into the IDP (ADFS) login page.
- The user enters the credentials for authentication.
- If the authentication is successful, NetWitness Platform authorizes the user based on the user groups configured on the Active Directory Server and External Role Mapping in NetWitness.
- If the authorization is successful, the user is logged into the NetWitness Platform.
Note: If the single sign-on authentication fails, the user cannot access the NetWitness Platform. For more information, see Troubleshooting.