CB Defense: How to configure OneLogin as a SSO
search cancel

CB Defense: How to configure OneLogin as a SSO


Article ID: 289812


Updated On:


Carbon Black Cloud Endpoint Standard (formerly Cb Defense)


Seamless access to Carbon Black Defense / Predictive Security Cloud (PSC) console through OneLogin


  • Carbon Black Defense Web Console September '18 Release (0.40.x) and higher
  • OneLogin SSO SAML Solution


  1. Access the PSC Console
  2. Navigate to Settings > Users
  3. Under SAML configuration, click Edit
  4. Note down the following fields:
Leave Window Open with empty fields, to be later populated.
  • Single sign-on URL (HTTP-redirect binding)
  • X509 certificate

Add Carbon Black PSC Console to your OneLogin signon

  1. Log into OneLogin admin page, typically https://<companycode>.onelogin.com/admin
  2. Select APPS
  3. Click button "Add APP"
  4. Choose SAML Test Connector (IdP)
  5. Change name from SAML Test Connector (IdP) to Cb Defense, alternatively, upload rectangular and square icons, click Save
  6. Click Configuration menu
  7. Under RelayState and Audience enter URL "Audience" from PSC Console
  8. Under Recipient enter URL "Recipient" from PSC Console, do the same for "ACS (Consumer) URL Validator*" and "ACS (Consumer) URL*"
  9. Leave Single Logout URL blank
  10. Click Parameters menu
  11. Leave "Credentials are" > "Configured by admin"
  12. Click "Add parameter"
  13. Enter "mail" under "Field name", Check "Include in SAML assertion" Flag
  14. Choose "Email" under Value,
  15. "Include in SAML assertion" should be checked
  16. Rules tab are left blank
  17. Click SSO menu
  18. Copy X509 Certificate, paste into PSC Console > "X509 certificate"
  19. Copy "SAML 2.0 Endpoint (HTTP)" URL from OneLogin to "Single sign-on URL (HTTP-redirect binding)" in PSC Console
  20. Save SAML Config in PSC Console
  21. Access menu can be left unchanged
  22. Click Users menu, add pertinent users to this application, ensure their email address matches the email used to access Carbon Black Defense