HI all
we have configured our Secops MSSP tenant using Workforce Identity Pool and MS365 as backend IdP as explained here
posted by @jstoner .
I am trying to figure out if there is a different way to delegate access to SOAR using a customer IdP as well, without going through my IdP.
Would it be possible to use CIAM aka "Identity Platform" to be able to have a single point of configuration of different SAML IdPs?
Thanks!
Roberto
Hi Roberto,
Not sure if I understand you correctly, you want to be able to login to SecOps MSSP tenant with two IdP (1 your's and 1 customer's), if yes, then we can have multiple front-end paths to access, one path for your IdP and the other path for customer's IdP.
Do reach out to Chronicle Support to get the 2nd front-end path (or customer_subdomains if you usingCustomer Management API)
https://cloud.google.com/chronicle/docs/preview/customer-management-api/customer-management-api
HI @hzmndt
no, the problem is different. We have several IdP in my company. When we attach the MSSP tenant with the first Workforce Identity Backend, only this IdP can have acces to the SOAR environment(the problem is limited to access in the SOAR platform and not SIEM). Customers and other IdP attached to the WIP cannot have access to the SOAR. In SSO page, SecOps area in GCP, only 1 IdP can be selected. But this prevents other federation-connected IdPs from being able to log in.
I'm not sure if I was clear about the problem, but when SOAR was not embedded in the single SecOps interface, you could connect several IdPs directly to SOAR interface, but now you can no longer do that
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.