Using an Identity Provider for Your Cato Account

The goal of this article is to show the different options that you can integrate Identity Providers (IdPs) with your Cato account for SSO for the following users: clientless SDP, Cato Clients, and admins to the Cato Management Application.

Overview of IdPs and SSO with Cato

Cato lets you select one of several IdPs to provide authentication for users that are connecting to your account over the Cato Cloud. The following table gives an overview of connecting an IdP to your Cato account.

  • IdP - name of the Identity Provider

  • Configuring the IdP - Settings that you configure in the IdP to connect to your Cato account

  • Users Provisioned to Cato - How users are provisioned and synced from to IdP to your Cato account

  • Users that Authenticate with the IdP - Which users are synced to your Cato account and can use SSO

IdP

Configuring the IdP

Users Provisioned to Cato

Users That Authenticate with the IdP

Notes

Azure

Configure the Windows server

LDAP and SCIM

Users and groups synced in Directory Services

See Configuring Azure SSO for Your Account

Okta

Configure the Cato app in Okta

LDAP and SCIM

Users and groups synced in Directory Services

See Configuring Okta SSO for Your Account

Google

N/A

N/A

All users created in the Cato Management Application

See Configuring Google SSO for Your Account

OneLogin

Configure Cato app in OneLogin

vLDAP and SCIM

Users and groups synced in Directory Services

See Configuring LDAP Sync and SSO with OneLogin

JumpCloud

Configure Cato app in JumpCloud

LDAP

Users and groups synced in Directory Services

OneWelcome

Configure connection to your Cato account in OneWelcome

SCIM

Users and groups synced in Directory Services

For more about OneWelcome and Cato, contact Support

For more about using SSO with your Cato account, see Configuring SSO and the Subdomain for the Account.

For more about user provisioning with SCIM, see article for the relevant IdP:

Selecting the LDAP Provider

The LDAP Directory Service providers show the LDAP provider which is defined for the account. When you are defining the LDAP domain, select the AD Provider for your organization.

You can only edit the AD Provider, when there is a single domain defined for your account.

To select the AD provider for the domain:

  1. From the navigation menu, click Access > Directory Services, and select the LDAP tab or section.

  2. Click New, or click the AD Provider.

    The Edit or New Directory Service panel opens.

  3. From the General tab, in the AD Provider drop-down menu, select the LDAP provider.

    LDAP_AD_Provider.png
  4. Click Save & Close.

Was this article helpful?

0 out of 0 found this helpful

2 comments

Add your comment