Default access profile

A default access profile specifies predefined permissions and product assignments. You can create a default access profile to streamline the process of adding users to the Insight Platform from your external identity provider (IdP). For organizations with large user bases, a default profile can help efficiently add users to the Insight Platform and ensure that their accounts have access to the intended capabilities.

After you set up the default access profile, every new Insight user you add from your IdP will be automatically provisioned with the products and permissions configured in the profile. For example, if the default access profile has read write access to InsightIDR and InsightOps, every user added through your IdP will inherit these products and permissions.

Customize Permissions and Product Assignment

To customize permissions and product assignments, you will need to manually configure them for a user. The default access profile is a one size fits all assignment for any user provisioned through your IdP.

Set up the default access profile

Setting up a default profile allows you to provision your users from your IdP and automatically assign a set of predefined permissions and Insight products. In order to create a default user access profile, you must be an Insight platform administrator and have single sign-on configured for the Insight platform.

To set up a default access profile:

  1. Sign in to your Insight account and use the navigator to open Insight Platform Home.
  2. From the left menu, click Settings.
  3. From the Authentication tab, go to SSO Settings.
  4. Go to Step 5 of the instructions for setting up single sign-on.
  5. Click the Set Up Profile button.
  6. When the “Configure Default Access Profile” panel appears, choose the role you want to assign to the profile. The role sets the privilege level for the profile.
  7. Click Next to configure the product assignments.
  8. From the Product Assignment list, select the products you want to assign to the profile. Users will be able to log in to their Insight accounts and access the selected products.
  9. Submit your changes when you are done. Your SSO settings will show that you have an access profile configured.

Now when you provision your users through your IdP, they will inherit the permissions and products you’ve configured in the default access profile.

Update the default access profile

You can update the default access profile if you need to change the privileges or products configured for it. New users provisioned through the updated default access profile will inherit the new settings.

Impact on existing users provisioned through the default access profile

Updating the default access profile does not affect existing users already provisioned through your IdP. They will continue to be able to access the products originally provisioned.

To update the default access profile:

  1. Sign in to your Insight account and use the navigator to open Insight Platform Home.
  2. From the left menu, click Settings.
  3. From the Authentication tab, go to SSO Settings.
  4. Go to Step 5 of the instructions for setting up single sign-on.
  5. Click the Update Profile button.
  1. When the “Configure Default Access Profile” panel appears, make your changes to the permissions or product assignments.
  2. Save your changes.

Users provisioned through the default access profile will be updated to inherit the new settings.

Reset the default access profile

You can reset the default access profile if you need to remove all permissions and product assignments for users provisioned through your IdP.

Impact on existing users provisioned through the default access profile

Resetting the default access profile does not affect existing users already provisioned through your IdP. They will continue to be able to access the products originally provisioned.

To reset the default access profile:

  1. Sign in to your Insight account and use the navigator to open Insight Platform Home.
  2. From the left menu, click Settings.
  3. From the Authentication tab, go to SSO Settings.
  4. Go to Step 5 of the instructions for setting up single sign-on.
  5. Click the Reset Profile button.
  1. When the confirmation window appears, click Yes, reset to apply your changes.

New users provisioned through the default access profile will no longer be granted access to any products.