Single Sign-On ("SSO")

The Zyston CyberCAST Platform can be configured to support user logins via the web portal using an identity provider supporting SAML v2.

When configured for SSO, the platform will automatically create new users for any SAML assertion received from your identity provider. This allows you to control access to the Zyston CyberCAST Portal entirely from your organization's identity and access management solution.

SSO Configuration Checklist

• Ensure you have the Administrator role assigned to your Zyston Platform user
  • Platform Roles
  • View My User Roles
• Configure an application in your Identity Provider with the following parameters:
  • Application Name: Zyston CyberCAST Portal
  • Application Identifier: https://cybercast.zyston.com
  • SAML Assertion Consumer Service URL: https://cybercast.zyston.com/sso/saml/acs
• Obtain the SAML metadata URL generated by your identity provider
• Create a new SAML SSO provider in the Zyston Portal using the metadata URL
  • Create an SSO Provider

User Management with SSO Configured

Once you have configured an SSO Identity Provider, existing users will no longer be able to login with their password and two-factor authentication code. All new logins must go through your identity provider.

Users with the Administrator role may continue to login through a special URL if it should become necessary to login without the use of SSO. For example, in the event you need to modify your SSO configuration.

https://cybercast.zyston.com/admin-bypass-sso

SSO Identity Provider Support

Any identity provider supporting SAML v2 should be configurable to work with the Zyston Platform. In particular, we support and have configuration examples for:

• Microsoft Azure Active Directory
• Okta Workforce Identity Cloud