Security and SSO
As a Tenant Administrator, in the First 24 Hours (F24H) Wizard, you have already configured the Single Sign-On (SSO) options to authenticate users signing into the Lazsa Platform. In the Security and SSO section, you can review your SSO configuration details. If you want to edit any of these details, you can contact the Lazsa Platform support team for assistance.
The Lazsa Platform currently supports integration with the following corporate SSO service providers:
-
Microsoft Active Directory (AD)
-
Microsoft Azure Active Directory (Azure AD)
Reviewing and Editing SSO Configuration
To review the SSO configuration details and edit them, do the following:
-
Sign in to the Lazsa Platform and click Configuration in the left navigation pane.
-
On the Platform Setup screen, on the Security & SSO tile, click Configure.
The identity provider for which you have configured the SSO options in the First 24 Hours (F24H) Wizard is displayed. Depending on the service provider, do the following:
Microsoft Active Directory (AD)
Review the following options:
-
SSO SAML Configuration
Reviewing SSO configuration details
- On the Security and SSO screen, in the SSO SAML Configuration tile, click the ellipsis (...) and then click View Details.
- In the SSO SAML Configuration side drawer, review the following details:
- Single Sign-On Service URL
- Single Logout Service URL
- X.509 Certificate data
Editing SSO Configuration Details
- On the Security and SSO screen, in the SSO SAML Configuration tile, click the ellipsis (...) and then click Edit.
-
To maintain the integrity and security of the authentication process, the fields in the Edit SSO SAML Configuration side drawer are not editable by users. If you need to make any changes or updates to your SSO SAML Configuration, please contact the Lazsa Platform support team for assistance.
-
LDAP
- On the Security and SSO screen, in the LDAP tile, click the ellipsis (...) and then click View Details.
- In the LDAP side drawer, review the following details:
- LDAP Connection URL
- Bind DN or User
Bind Password (masked)
- On the Security and SSO screen, in the LDAP tile, click the ellipsis (...) and then click Edit.
- To maintain the integrity and security of the authentication process, the fields in the Edit LDAP side drawer are not editable by users. If you need to make any changes or updates to your LDAP configuration, please contact the Lazsa Platform support team for assistance.
Reviewing LDAP configuration details
Editing LDAP configuration details
Azure Active Directory
Reviewing Azure AD configuration details
- On the Security and SSO screen, in the Azure Active Directory tile, click the ellipsis (...) and then click View Details.
- In the Azure Single Sign-On side drawer, review the following details:
- Tenant ID
- Client ID
Client Secret (masked)
Editing Azure AD configuration details
- On the Security and SSO screen, in the Azure Active Directory tile, click the ellipsis (...) and then click Edit.
-
To maintain the integrity and security of the authentication process, the fields in the Edit Azure Single Sign-On side drawer are not editable by users. If you need to make any changes or updates to your SSO SAML Configuration, please contact the Lazsa Platform support team for assistance.
-
Enabling Two-Factor Authentication
You can enable two-factor authentication as an additional layer of security for users signing in to the Lazsa Platform. When you turn on the 2FA option, a one-time password (OTP) is sent to the registered email address of the user who wants to sign in to the Lazsa Platform.
If this option is deactivated, that means the Allow Two-Factor/Multi-Factor Authentication option on Configuration > Platform Setup > Settings > Security is turned off. Turn it on to activate the 2FA option.
|
What's next? Users, Roles, Teams, and Organization Hierarchy |