Use this guidance to provide the SecurityScorecard-related information needed to configure Security Assertion Markup Language (SAML) single sign-on (SSO) integrations.
Note: SecurityScorecard does not support SAML single logout (SLO).
Access your SSO configuration
- In SecurityScorecard, click your profile avatar in the top-right corner, and select My Settings.
- In the Admin settings, select Single Sign-On (SSO).
- Follow the steps in the configuration wizard.
SecurityScorecard inputs for your SAML provider
| Metadata URL | https://platform-api.securityscorecard.io/v1/saml/metadata/service-provider |
| Assertion Consumer Service, sometimes referred to as Single sign on URL (Okta) | https://platform-api.securityscorecard.io/v1/saml/responses (HTTP-POST) |
| Entity ID, sometimes referred to as Audience URI (SP Entity ID) (Okta) | https://platform-api.securityscorecard.io/saml2/service-provider |
Note: Okta is only listed as an example. This configuration applies to all identity providers.
The XML exported from the IdP and then imported into the SAML Configuration Wizard contains:
- Identity provider issuer URI (entityID)
- Identity provider single sign-on URL (SingleSignOnService)
- Identity provider certificate
Additional information
| SAML version | 2.0 |
| SSO type | IdP initiated |
| Request signature algorithm | SHA-1 or SHA-256 |
| Request signing | Optional |
| Request binding | HTTP Redirect or HTTP POST |
| Response signature | Required |
| Request/response encryption | Not supported |
| NameID | User’s email (Required) |
| firstName and lastName | Optional |