SonicOS 7.1 Users
- SonicOS 7.1
- About SonicOS
- About User Management
- Using Local Users and Groups for Authentication
- Using RADIUS for Authentication
- Using LDAP/Active Directory/eDirectory Authentication
- Using RADIUS
- Using TACACS+
- Using Single Sign-On
- What is Single Sign-On?
- Benefits of SonicWall SSO
- Platforms and Supported Standards
- How Does Single Sign-On Work?
- How Does SSO Agent Work?
- How Does Terminal Services Agent Work?
- How Does Browser NTLM Authentication Work?
- How Does RADIUS Accounting for Single-Sign-On Work?
- Installing the Single Sign-On Agent and/or Terminal Services Agent
- Single Sign-On Advanced Features
- Configuring Access Rules
- Managing SonicOS with HTTP Login from a Terminal Server
- Viewing and Managing SSO User Sessions
- Multiple Administrator Support
- Configuring Users Status
- Configuring User Settings
- User Login Settings
- Setting the Authentication Method for Login
- Configuring RADIUS Authentication
- Configuring LDAP
- Configuring TACACS+
- Requiring User Names be Treated as Case-Sensitive
- Preventing Users From Logging in from More than One Location
- Forcing Users to Log In Immediately After Changing Their Passwords
- Displaying User Login Information Since the Last Login
- Setting the Single-Sign-On Methods
- One-Time Password Settings
- Configuring the User Web Login Settings
- Adding URLs to Authentication Bypass
- User Session Settings
- Accounting
- [[[Missing Linked File System.LinkedTitle]]]
- User Login Settings
- Configuring and Managing Partitions
- Configuring Local Users and Groups
- Configuring Guest Services
- Configuring Guest Accounts
- Managing Guest Status
- SonicWall Support
3rd Party API
The SSO API is an XML/JSON based REST API for 3rd-Party devices or scripts to pass user login/logout notifications to the SonicWall.
- Navigate to the Device > Users > Settings > Authentication page.
- Next to Configure SSO, click Configure.
The SSO Configuration page is displayed.
-
Click the 3rd Party API tab.
-
In the API Clients tab, click Add Client.
-
Under the Settings tab, select the following:
-
In the Host Name or IP Address(es) field, enter the name or IP address of the terminal server on which SonicWALL TSA is installed.
-
If partitioning has been configured then in the Partition drop-down menu select the Default.
-
In Authenticate the client via select one of the following:
-
Shared secret
-
Certificate
-
Both
-
-
In the Shared Key field, enter the shared key that you created or generated in the SonicWALL TSA.
-
Re-enter the shared key in the Confirm Shared Key field.
-
-
Click Save.
-
Under the Advanced tab, select the following:
-
To select the level of security to use for verification of the shared secret, in Shared secret verification security level, select one of the following :
-
High with and select the checkboxes SHA256 and SHA512
-
Medium (SHA256 but no replay prevention)
-
Low (no shared secret verification)
-
-
Select the Enable CSRF/replay prevention check box to prevent the Cross-Site Request Forgery.
-
Enable the Restrict origins if client uses CORS check box to prevent if a client uses Cross-Origin Resource Sharing (CORS) then as an additional security precaution this can be set to restrict the origins of the XML/JSON data that it sends.
-
Enter the URL of a domain in Allow origins.
-
To allow to keep connections on the SSO API open across multiple requests enable the Allow persistent connections.
-
-
Click Save.
-
- In the General Settings, do the following:
- Select the Enable SSO 3rd-Party API option. This option is disabled by default.
- Select the Use the HTTPS Management port option. This option is enabled by default.
- Enter the HTTPS port number field. The default is 444.
- Click Save.
Was This Article Helpful?
Help us to improve our support portal