ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

I setup SecureX sign-on, why do I have to sign into AMP again from SecureX?

357
Views
5
Helpful
0
Comments

Question

I followed these instructions and setup all my accounts to use SecureX sign-on, including my AMP account (my Cisco Security Account - CSA). When I use SecureX, and I click on the AMP "launch" button, I have to login again. Why?

Screen Shot 2020-07-07 at 1.11.08 PM.png --->  Screen Shot 2020-07-07 at 1.13.47 PM.png

Answer

The answer depends on how you signed into SecureX. To start, remember that CSA is the identity provider (IdP) for AMP, Cisco Threat Response (CTR), Orbital, and optionally for Threat Grid. CSA can be configured to delegate authentication to SecureX sign-on.

1. I signed into SecureX using SecureX sign-on

Screen Shot 2020-07-07 at 1.19.03 PM.png

In this case, you have a SecureX sign-on browser session, but you don't yet have a CSA session. You need to initiate a CSA session by choosing "Single sign-on" and clicking through to join your SecureX sign-on session.

Screen Shot 2020-07-07 at 1.13.47 PM.png

2. I signed into SecureX using CSA:

Screen Shot 2020-07-07 at 1.19.24 PM.png

In this case, you should have a CSA session when you click the AMP launch button, and be connected directly to your configured AMP tenant. Remember, it is connected to your specific tenant, whether North America, EU, or APJ