SAML Authentication for CISCO SBL

karthickvdm
Level 1

We are currently working on enabling users to change their first-time login password over CISCO SBL, but we heard some time ago that SAML authentication is not possible in CISCO SBL. Is there any progress to allow the users using SAML authentication to change their password over CISCO SBL?

Do we have any alternate options for users to change their first-time password over SBL?

1 Reply

JP Miranda Z
Cisco Employee

Hi karthickvdm,

You are correct, SAML is currently not supported with SBL. We already have an enhancement request, but there is no ETA (CSCvm86891) for the support. About alternative options, that will depend completely on your setup:

- If you are trying to change the password stored in a SAML IdP database, this is not supported.

- If you are using SAML and the user database comes from an AD server, you can create a secondary connection profile so the users can authenticate against AD (RADIUS with MS-CHAPv2 or LDAPS) with password management, so the user will change the password during the initial connection through SBL. Keep in mind this will connect them to the VPN in the secondary connection profile, and a new connection will be required with the connection profile using SAML in order to test the new password.

-JP-

Hope this helps!
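
The secondary connection profile described in the reply above, sketched as an added configuration example that is not part of the original post or Cisco's own text. It assumes an ASA headend and the LDAPS variant; the profile, server-group, pool and group-policy names, the address and the DNs are all constructed placeholders.

```cisco
! Constructed example: every name, address and DN below is a placeholder.
! AD reached over LDAPS. On the ASA, LDAP password management needs
! LDAP over SSL and the Microsoft server type.
aaa-server AD_LDAPS protocol ldap
aaa-server AD_LDAPS (inside) host 192.0.2.10
 server-port 636
 ldap-over-ssl enable
 server-type microsoft
 ldap-base-dn DC=example,DC=com
 ldap-scope subtree
 ldap-naming-attribute sAMAccountName
 ldap-login-dn CN=asa-bind,OU=Service Accounts,DC=example,DC=com
 ldap-login-password <bind-password>
!
! Secondary connection profile used only for the first-login password
! change through SBL. The existing SAML connection profile is left as is.
! VPN_POOL and GP_PWD_CHANGE are assumed to exist already.
tunnel-group SBL-PWD-CHANGE type remote-access
tunnel-group SBL-PWD-CHANGE general-attributes
 address-pool VPN_POOL
 authentication-server-group AD_LDAPS
 default-group-policy GP_PWD_CHANGE
 password-management
tunnel-group SBL-PWD-CHANGE webvpn-attributes
 group-alias Password-Change enable
```

Because users land on the VPN through this profile after changing the password, `GP_PWD_CHANGE` is a natural place to apply whatever access restrictions you want for that short-lived session before they reconnect through the SAML profile.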