cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Cisco Community November 2020 Spotlight Award Winners

I setup SecureX sign-on, why do I have to sign into AMP again from SecureX?

635
Views
5
Helpful
1
Comments

Question

I followed these instructions and setup all my accounts to use SecureX sign-on, including my AMP account (my Cisco Security Account - CSA). When I use SecureX, and I click on the AMP "launch" button, I have to login again. Why?

Screen Shot 2020-07-07 at 1.11.08 PM.png --->  Screen Shot 2020-07-07 at 1.13.47 PM.png

Answer

The answer depends on how you signed into SecureX. To start, remember that CSA is the identity provider (IdP) for AMP, Cisco Threat Response (CTR), Orbital, and optionally for Threat Grid. CSA can be configured to delegate authentication to SecureX sign-on.

1. I signed into SecureX using SecureX sign-on

Screen Shot 2020-07-07 at 1.19.03 PM.png

In this case, you have a SecureX sign-on browser session, but you don't yet have a CSA session. You need to initiate a CSA session by choosing "Single sign-on" and clicking through to join your SecureX sign-on session.

Screen Shot 2020-07-07 at 1.13.47 PM.png

2. I signed into SecureX using CSA:

Screen Shot 2020-07-07 at 1.19.24 PM.png

In this case, you should have a CSA session when you click the AMP launch button, and be connected directly to your configured AMP tenant. Remember, it is connected to your specific tenant, whether North America, EU, or APJ

Comments
Beginner

@diddly wrote:

Question

I followed these instructions and setup all my accounts to use SecureX sign-on, including my AMP account (my Cisco Security Account - CSA). When I use SecureX, and I click on the AMP "launch" button, I have to login again. Why?

Screen Shot 2020-07-07 at 1.11.08 PM.png --->  Screen Shot 2020-07-07 at 1.13.47 PM.png

Answer

The answer depends on how you signed into SecureX. To start, remember that CSA is Myindigocard the identity provider (IdP) for AMP, Cisco Threat Response (CTR), Orbital, and optionally for Threat Grid. CSA can be configured to delegate authentication to SecureX sign-on.

1. I signed into SecureX using SecureX sign-on

Screen Shot 2020-07-07 at 1.19.03 PM.png

In this case, you have a SecureX sign-on browser session, but you don't yet have a CSA session. You need to initiate a CSA session by choosing "Single sign-on" and clicking through to join your SecureX sign-on session.

Screen Shot 2020-07-07 at 1.13.47 PM.png

2. I signed into SecureX using CSA:

Screen Shot 2020-07-07 at 1.19.24 PM.png

In this case, you should have a CSA session when you click the AMP launch button, and be connected directly to your configured AMP tenant. Remember, it is connected to your specific tenant, whether North America, EU, or APJTheDailyGrind


Very helpful and informative. Thank for sharing this post.

Content for Community-Ad