CybSafe and Single Sign On integrations

Here's a list of all of the SSO's that CybSafe can integrate with & how to configure each one.

Ben Robinson avatar
Written by Ben Robinson
Updated this week

CybSafe can integrate with a variety of Single Sign On (SSO) applications.

Here is a list of all the possible SSO integrations and how to set them up:

If you get stuck at all, you can contact the CybSafe team via support@cybsafe.com


Microsoft Single Sign On

Setting up SSO using Microsoft Azure (SSO)

Configure Microsoft Azure SSO so your people can login seamlessly.

As a CybSafe administrator, you can set up CybSafe accounts for everyone in your organisation using Microsoft Azure Single Sign On.

In this article, we’ll show you how.

1. First, you’ll need to add the CybSafe application to your Azure Active Directory from the Azure Active Directory Gallery.

2. Next log in to CybSafe using administrative credentials.

3. Navigate to the Access management settings by selecting it underneath "Settings" on the left hand menu.

5. Select ‘Azure’ in the Provider Drop Down menu, and click on Submit.

6. You’ll be redirected to an Active Directory login page. Sign in.

7. Once signed in, accept CybSafe’s permission requests.

8. You’ll be returned to CybSafe and asked to sign in to your CybSafe account, just to confirm the link between your accounts.

9. The CybSafe app should automatically be in your Azure Active Directory account and you can assign it to users you wish to have access

Tip: When an account is setup using Single Sign On, as Azure is connected to CybSafe, every user signed in is then authorised to use CybSafe.

If the user has not been created or has not logged into CybSafe, to ensure the best user experience. the user will be automatically created with just In Time provisioning.

Configuring SSO in CybSafe

Once you have set up SSO, you will have a few settings that can be turned on to tailor the login experience for your people.


Gsuite Single Sign On

Setting up SSO using Gsuite

Configure Google SSO for a seamless experience for your people when logging in.

As a CybSafe administrator, you can set up CybSafe accounts for everyone in your organisation using G Suite. In this article, we’ll show you how.

  1. Navigate to your Access management settings by selecting it underneath "Settings" on the left hand menu.

  2. Select G Suite in the drop down and click on "Submit".

    Image showing where to go for SSO setup for G Suite



  3. You’ll be redirected to your G Suite login page. Sign in

  4. Once signed in, accept Cybsafe’s permission requests.

  5. You’ll be returned to CybSafe and asked to sign in to your CybSafe account, just to confirm the link between your accounts.

Once you’ve completed the above steps, your people can begin signing in to CybSafe using their Google Account!

Tip: When an account is setup using Single Sign On, as G Suite is connected to CybSafe, every user signed in is then authorised to use CybSafe.

If the user has not been created or has not logged into CybSafe, the best user experience is to be automatically or just in time provisioned

Configuring SSO in CybSafe

Once you have set up SSO, you will have a few settings that can be turned on to tailor the login experience for your people.


Okta Single Sign On

Setting up SSO using Okta

Create new application inside Okta administration

  1. Click Add Application -> Create New App

  2. Select SAML 2.0 and click Create


  3. Name the application, and provide a logo (optional)



  4. The SAML settings to be configured are as follows:

    You can request a custom sso-slug via support@cybsafe.com

    Single sign on URL
    https://app.cybsafe.com/sso-login/<custom-sso-slug>/

    Audience URI (SP Entity ID)
    https://app.cybsafe.com/

    Default RelayState
    Leave this empty

    Name ID format
    EmailAddress

    Application username
    Email

    Attribute Statements:

    Table depicting the attributes that can be set


  5. Click next and follow the steps to save the new application.

  6. Remember to add users to the application!

Tell CybSafe the IDP metadata

On the Sign On page, click on “Identity Provider metadata” and then copy & paste the URL to CybSafe. It will look similar to:

We’ll then apply this URL to your account and we’ll let you know when setup is completed!

Configuring SSO in CybSafe

Once you have set up SSO, you will have a few settings that can be turned on to tailor the login experience for your people.


Configuring your SSO login settings in CybSafe

Once you have set up your Single Sign-On (SSO), you will have a few settings that can be turned on to tailor your users login experience.

If you have not yet setup your SSO take a look at the guides above.

To access your SSO settings navigate to ⚙️ Settings > Access management.

There are three settings available and some general info;

SSO passphrase measurement.

Toggling this setting on will prompt your people to set up a back-up passphrase for their account. Your people will still use SSO to login to the CybSafe platform, however they have a back-up option.

This then gives CybSafe the ability to measure the entropy of this passphrase and offer your people the opportunity to improve their behaviour.

Users will also be informed if their passphrase has been identified in a data breach.

Don't forget to click "Save" once you toggle on the setting.

You can then view information on these improved behaviours within our reporting.

Auto show passphrase login.

Toggling this setting on will display the option to login using a passphrase more prominently on our login page for users who cannot use SSO.

This setting should be used when you have people who may not be able to login using SSO, such as contractors or third parties who are not part of your tenancy.

When SSO is setup, it becomes your default login option and users are directed to using this method of authentication.

Don't forget to click "Save" once you toggle on the setting.

Disable passphrase login.

Toggling this setting on will prevent users from logging in any other way than via SSO.

This setting should only be used if everyone on the CybSafe platform can use your SSO setup.

Don't forget to click "Save" once you toggle on the setting.

SSO info and unique SSO URL

Under the three toggles you are presented with some information on your SSO integration.

  • The status of your Single Sign-On integration.

  • Your SSO Provider.

  • Your unique Single Sing-On Link, this can be shared with employees for a seamless login experience.

  • You can view the Date the connection with your SSO provider was created with CybSafe.

  • Finally you also have the capability to Delete your SSO integration should you no longer wish to use it or would prefer to connect with a different provider.


Still have questions?

If you still have questions, you can contact the CybSafe team via support@cybsafe.com. We’re on hand to help resolve any further issues!

Did this answer your question?