SSO integration - BlueCat Edge - Service Point v4.x.x

BlueCat Edge Deployment Guide

Locale
English
Product name
BlueCat Edge
Version
Service Point v4.x.x

BlueCat Edge can leverage a Single Sign-On (SSO) integration to authenticate and provide access to users within SSO environments. BlueCat Edge can be configured as a Service Provider in a SAML 2.0 Federation, enabling a single sign-on user experience. Once you have enabled the SSO integration, login access will be granted to users of an organization based on the authenticated session with the Identity Provider (IdP) and the role associated with that user in the IdP. BlueCat Edge only supports service provider (SP) initiated SSO.

Once you enable the SSO integration, you can't login to BlueCat Edge using credentials that are locally created on the BlueCat Edge Cloud.
Note: If BlueCat Edge is unable to receive the SAML response from the IdP that allows it to successfully authenticate users, local system administrators can log in and modify the SSO integration through the BlueCat Edge UI. If authentication fails for other reasons and you can't log in to the BlueCat Edge UI, corporate users with the system administrative role can modify the SSO integration through the BlueCat Edge API.
Attention:
  • BlueCat strongly recommends that the corporate system administrator users create a new API access key set after enabling the SSO integration.
  • Once you have deleted or deactivated a user within your IdP or removed their Edge Role, a user with the System Administrator role must also remove any API access key sets associated with the inactive user using the /v1/api/apiKeys?email={email} (DELETE) method.