Authentication Options

Use the Authentication page to set global options for 2-factor authentication (2FA), SAML single sign-on (SSO), and IP address access restriction. This page is visible only for administrator users.

Configure 2-factor authentication

You can set which methods of 2FA are available for user login, as well as how long an inactive user session will remain active.

To set 2FA options:

1. From the Settings > Authentication page, 2FA section, select the 2FA methods to enable.
   You can change this setting later.
2. Click Save changes.

To change the session timeout duration:

1. From the Settings > Authentication page, set the session timeout period.
   You can change this setting later.
2. Click Save changes.

Configure single sign-on

You can integrate access to the Threat Command through various single sign-on (SSO) platforms. Both IdP initiation and SP initiation are supported.

In addition, you can provision users directly using SAML Just In Time method (JIT) method (for Azure AD and Okta SSO only).

The configuration activities are performed by the Threat Command administrator.

Continue with the platform that matches your configuration:

• Configure Azure AD SSO
• Configure Generic SAML SSO
• Configure Okta SSO
• Configure PingOne SSO

Restrict access to certain IP addresses

You can restrict access to Threat Command only to specified IP addresses.

To restrict which IP addresses can access Threat Command:

1. From the Settings > Authentication  page, Access restriction section, click Add a new IP address.
2. Type the IP address which is permitted to access.
   You can enter a range, for example: 172.16.16.255/24
3. (Optional) You can add a description.
4. Click Save.
5. To add additional IP addresses, repeat this process.

The added IP addresses are permitted to access Threat Command.