on Jan 30, 2020The SSO Settings tab provides a way to enable SSO.
What do you want to do?
| Role | I want to ... | Show me how |
|---|---|---|
| Admin | Enable SSO Settings | Configure Single Sign-On |
| Admin | Configure Active Directory | Configure Active Directory |
| Admin | Configure ADFS as IDP for NetWitness | For instructions on how to configure ADFS as IDP for NetWitness, see the Configure SAML 2.0 provider settings for portals topic in Microsoft documentation. |
| Admin | Map User Roles to External Groups | Manage Users with Roles and Permissions |
Quick Look
To access this view, go to ADMIN > Security and click the Single Sign-On Settings tab. 
The following table lists the features of the Single Sign-On tab.
| Feature | Description |
|---|---|
| Enable SSO | Checkbox that indicates whether or not the single sign-on is enabled. This box is cleared by default. |
| Auto Import IDP Metadata | If selected the latest IDP metadata is downloaded at regular intervals. |
| Metadata URL | Enter the metadata URL generated when the connection was established with the ADFS. |
| Use Proxy | If enabled, the requests to IDP will be routed through the proxy configured in Admin > System > HTTP Proxy settings. |
| Import IDP Metadata | Enter the metadata URL generated when the connection was established with the ADFS. Note: Make sure you update the link every time the IDP metadata is updated. |
| Entity ID | A unique identifier for NetWitness unique amongst all the applications managed by the same IDP. |
| Enable Global Logout | Checkbox that enables Global Logout setting for users. When Global Logout is enabled, the user is logged out of NetWitness and also from other applications authenticated by ADFS. |
| Apply | The admin-server is restarted after which you will get notified in the notification tray when the metadata is ready to be downloaded. |
| Export Service Provider Metadata | Exports an XML file which is uploaded to IDP to establish the connection between NetWitness (SP) and IDP (ADFS) for authentication. |
