Skip to content

SSO Login#

CSIRT Plan Only

SAML integration is only available on the CSIRT plan. Additionally, organization owner permissions are required for configuration.

By integrating with SAML, you can enable SSO with FutureVuls using your existing authentication infrastructure. FutureVuls supports both SP-initiated SSO and IdP-initiated SSO.

To use SSO login, you must configure SAML integration and then invite members via SSO.

How to Configure#

You can configure this from Organization Settings > Security > Register SAML IdP.

saml

IdP (Identity Provider) Side Configuration#

Please register the following information displayed on the FutureVuls screen mentioned above:

  • SSO Endpoint
  • Entity ID

Specify Email for the attribute statement.

Configuration examples for popular IdP services are as follows:

FutureVuls Configuration#

You can register an IdP on a per-organization basis. You can also register multiple IdPs. As of July 2022, specifying an IdP for login on a per-group basis is not supported.

Registering an IdP#

You can register an IdP using the "Register SAML IdP" button. The registration details are as follows.

Item Description
SAML IdP Name Enter the name of the IdP you are using. This name will be displayed on the SSO login screen.
Email Attribute Definition Enter the attribute statement name configured in your IdP whose value contains the email address.
Metadata You can register either the metadata endpoint URL or the metadata file, but not both.
If a metadata endpoint URL is available, please enter it.
You can also upload the metadata file directly. The maximum file size is 100KB.
Accept IdP-initiated SSO Check this box to accept IdP-initiated SSO.
If unchecked, only SP-initiated SSO will be accepted.

When Accepting IdP-initiated SSO

If you accept IdP-initiated SSO, please register the RelayState in your IdP's management console. The RelayState is displayed after completing IdP registration. You can also view this RelayState on the IdP edit screen.

RelayState

Some IdPs may not allow setting a static RelayState. In such cases, you cannot use IdP-initiated SSO (e.g., Auth0).

Discontinuation of SSO Information Sharing Feature (Effective July 14, 2025)

To enhance security, the feature for sharing SSO information with other organizations has been discontinued. Each organization will need to configure SSO settings independently. Users belonging to multiple organizations must set up SSO for each organization.

After SAML Configuration#

After configuration, refer to the following links based on your use case: