Rapid7 Platform Login
Overview
InsightCloudSec now allows customers to take advantage of the ability to log in to your InsightCloudSec installation through the Rapid7 Insight Platform. This capability provides new and existing Rapid7 and InsightCloudSec customers with the opportunity to unify their access to Rapid7 tools in a single interface.
This capability is supplemental to your existing login workflow, you can still use your domain-based login to access InsightCloudSec.
Support Items to Note
SaaS-Only
Platform login is only available to InsightCloudSec SaaS (hosted) customers.
Just In-Time (JIT) Support
While InsightCloudSec does support Insight Platform logins using Just In-Time (JIT) User Provisioning, you will need to request that this capability be enabled as it is disabled by default. Reach out to your CSM or support to request that this be enabled.
Prerequisites
Email Requirements
- If an email address is in use by more than one user, you will not be able to log in.
- Email addresses within InsightCloudSec must be unique for a Platform login.
JIT User Provisioning
- Users logging in via the Platform must have an assigned InsightCloudSec role to login, this includes JIT.
- When JIT is implemented it will provision the user and assign it a role.
- If the user's role has changed on InsightCloudSec or Platform those changes will not be reflected.
- Changes to roles (role synchronization) will be implemented in a future update.
Getting Started - For Admins
A designated administrator is required to manage your Platform login. After receiving credentials you will need to log in to the Platform and establish access for the users for which you want to enable a Platform login.
Platform Administrators and InsightCloudSec Administrators
Platform Administrators and InsightCloudSec Administrators are entirely independent of one another. If you need administrative rights to the Platform, reach out to us through your CSM or through the Customer Support Portal.
Understanding Roles
Before creating users and assigning roles it’s important to understand the differences between Platform roles and InsightCloudSec roles. Role mapping between the Platform and InsightCloudSec is as follows:
Platform Role | InsightCloudSec Role |
---|---|
Domain Admin | InsightCloudSec Domain Admin |
Domain Admin w/ Read-Only Checkbox | InsightCloudSec Domain Viewer |
Organization Admin | InsightCloudSec Organization Admin |
Basic User | InsightCloudSec Basic User |
- For details on managing users within the Platform check out Manage Insight User Access.
- For details on Users/Roles within InsightCloudSec refer to Users, Groups, and Roles (User Management) and also our User Entitlements Matrix.
Adding Users
Bulk Add/Import
Bulk import or adding multiple users is available if you have SSO enabled on the Platform. Refer to the Platform documentation for single sign-on for additional details.
Adding InsightCloudSec to an Existing User
Refer to the steps below to add InsightCloudSec as a tool to an existing Platform user:
- From the Platform login page, select the User Management option.
- Select the target user.
- Under Access, select Edit (pencil icon) in the Product Access section.
- Select InsightCloudSec and then add either the desired User Group, or Individual User Permissions.
- Click Save to apply these changes to the user.
Adding a New User for InsightCloudSec
Refer to the steps below to add a new InsightCloudSec user to the Platform:
- From the Platform login page, select the User Management option.
- Select Create User and then select InsightCloudSec as the product.
- Add the User Details (First Name, Last Name, Email, Timezone) and select Next.
- Add the User to a User Group if desired, or click Manage Individual Permissions to apply permissions individually for the user you’ve just created. Each user you create will require a role to allow access.
- After completing the required configuration, click Save to complete the setup for that user.
Getting Started - For Users
Users who have been provided with access to InsightCloudSec through the Platform will receive an email notification for their account creation.
Users will need their email address to login, not their InsightCloudSec username. In some scenarios these may be the same depending on how your previous access was configured.
After logging in to the Rapid7 Insight Platform, select Open on the InsightCloudSec tile to access your InsightCloudSec Platform. If you do not see a tile, reach out to your Platform Administrator.
This tile/button will navigate to a new URL, however the direct URL you’ve used previously to access your InsightCloudSec installation is also still available.
For details on managing your profile within the Platform refer to the Profile Settings Documentation.
Other Considerations for Users
Once you have confirmed access to InsightCloudSec we recommend validating that the email you are using is the same in your InsightCloudSec profile.
To view/update your email address do the following:
- From the global menu, select My Profile.
- Scroll to the Email Address field, if your email address requires an update click Edit to enable editing and make any desired changes.