Configure Single Sign-On (SSO)

The following diagram provides an overview of deploying an application to use single sign-on.

If the web application uses SAML for single sign-on purposes, there are additional configuration options. For more information, see the instructions for the application you want to configure. To access application-specific instructions, click the Application Configuration Help link in the application setup page in the Identity Administration portal, or search CyberArk help for the application you want to configure.

Application-specific settings are configured in the application configuration pages available once you add an application from the App Catalog (web apps or mobile apps). Some of the pages are required in order to deploy the application and others are optional or are not available.

See the following for additional information on each configuration page:

Configuration page

Additional Information


Configure application-specific settings

Enable derived credentials

Choose a certificate file


Change the app name, description, or logo, and add notes

Specify the Application ID

Display the application in the user app list

User Access

Deploy applications


Secure apps with MFA

Account Mapping

Map user accounts

SAML Response

Edit the assertion script

Linked Applications

Add or delete linked applications


Outbound provisioning

App Gateway

Access applications outside the network


View a log of recent changes


Set up a request and approval workflow

Restrictions (mobile apps only)

Set application restrictions

Deployment Status (mobile apps only)

View Deployment Status