Key9 Identity
  • Welcome To Key9 Identity
  • SSH
    • Installation & Setup
      • MacOS Yubikey Smartcard/PIV instructions.
        • 1. Installation of MacOS software
        • 2. Changing the Yubikey PIN.
        • 3. Generating Keys and Certificates for the Yubikey
        • 4. Enrolling the public key to Key9
        • 5. Testing and configuring SSH
      • Windows Yubikey Smartcard/PIV instructions
        • 1. Installation of Windows software.
        • 2. Getting the system ready for libykcs11.dll
        • 3. Adding libykcs11.dll to SSH configurations.
        • 4. Generating Keys and Certificates for the Yubikey
        • 5. Enrolling the public key to Key9
        • 6. Testing your SSH key.
      • OpenSSH with Yubikey / FIDO2 protected keys
        • 1. Prerequisites
        • 2. OpenSSH command for Yubkey FIDO2
        • 3. Enrolling your public key to Key9
        • 4. Testing your SSH key
      • Setting a Yubikey PIN without Yubikey software.
        • 1. Using Key9 "registration" to register a new Yubikey PIN.
        • 2. Using "webauthn.io" to register a new Yubikey PIN.
      • RSA Password Protected SSH Key
        • 1. Key9 Settings to allow RSA
        • 2. Generating RSA SSH Key
        • 3. Enrolling your public key to Key9
        • 4. Testing your SSH key
      • Determine your Yubikey Type
        • 1. Linux "lsusb" command
        • 2. MacOS "ioreg" command
        • 3. Windows 11
      • Useful External Links
      • Windows Powershell with Yubikey/FIDO2-protected SSH keys
        • 1. Download OpenSSH for Windows.
        • 2. Setting up your SSH keys
        • 3. Enrolling your public key to Key9
      • Technical Notes
        • Pop!_OS - "agent refused operation"
      • Key9 SSH for Debian 12 [Bookworm] Howto
        • 1. Installing GPG
        • 2. Configuring the Key9 Debian 12 Repo.
        • 3. Configuring the Key9 SSH client
        • 4. Configuring Name Service Switch [/etc/nsswitch.conf]
        • 5. Configuring the OpenSSH server
        • 6. Modifying "sudoers" [optional]
        • 7. Configuring "k9-tail" for logs [optional]
        • 8. Automatic home directory creation [optional]
  • Web
    • Marketplace Applications
      • Amazon Web Services
      • Atlassian Jira
      • Cyera
      • GitBook
      • Google Workspace
      • KnowBe4
      • LibreNMS
      • NetBox
      • SentinalOne
      • Wiz
Powered by GitBook
On this page
  1. Web
  2. Marketplace Applications

SentinalOne

Configuring Key9 Identity SAML SSO with SentinalOne

To setup SentinelOne, we just need two pieces of information (See Vendor Setup Information for more information)

The only required parameter is the users email address, so we will assign the default SamlID field as that parameter.

  1. Assertion Consumer Service URL:This url can be found in the SAML configuration via SentinelOne.

  2. SP Entity ID:This url can be found in the SAML configuration via SentinelOne.

You will need to have an Administrator account to setup SSO.

To set up single sign-on (SSO) for SentinelOne, you can do the following:

  1. Log in to your SentinelOne account as an administrator.

  2. Click Settings in the left menu sidebar.

  3. Click the Integrations tab.

  4. Click SSO under Types.

  5. Toggle on Enable SSO.

Copy and paste the following URLs from SentinelOne into Key9 Setup Items

  1. Assertion Consumer Service URL

  2. SP Entity ID

Click the Create Application button in Key9.

After you have created your Key9 application, click the SSO tab in the side navigation.

Back in the SentinelOne console:

  1. Enter your Domain Name(s).

  2. Leave the Auto Provisioning box unchecked.

  3. Leave the Sign SAML Request box unchecked.

Copy the following information from the Key9 SSO tab to SentinelOne:

  1. Copy the Key9 Entity ID url to the IssuerID field.

  2. Copy the Key9 SSO url to the IDP redirect URL field.

  3. Download the Key9 X.509 Certificate for upload to the IDP public certificate field.

(To view and copy the x509 certificate in Key9, select View Certificate Details from the Certificate Options dropdown menu, then click the copy icon.)

Click Test, then Save

-------------------

By default, applications are not active upon creation. Active applications are immediately available to assign groups. Applications should only be activated when you have configured the Service Provider (SP).

PreviousNetBoxNextWiz

Last updated 4 months ago