Get Started with Single Sign-on


This tutorial is intended to guide you through the steps for configuring user name/password applications or SAML applications and giving your Active Directory users single sign-on (SSO) access to these applications using their Active Directory accounts. CyberArk Identity has many configuration and customization options. However, this tutorial will only focus on the basics of SSO to applications.

The procedures include:

  1. Install a CyberArk Identity Connector -- (Skip this procedure if you have done it as part of another tutorial.) The connector serves many functions, but in this use case, you need it for integrating Active Directory with CyberArk Identity to authenticate users using their domain user accounts.
  2. Assign domain users or groups to System Administrator role -- (Skip this procedure if you have done it as part of another tutorial.) You can secure your default administrator account by using your own personal account to administer CyberArk Identity.
  3. Deploy a web SAML Application -- You can now deploy a SAML application to experience SSO.
  4. Deploy user password web applications -- Follow these instructions to deploy a user password web application.
  5. Specify who can see specific applications in User Portal -- (Optional) These configurations are only necessary if you want to give additional users SSO access to this application