SSO With SAML

Below are the standard settings when setting up SAML with Recorded Future. 

Recorded Future uses a unique string referred to as an SSO_Key. This key is specific to each organization’s configuration. The SSO_Key will be provided during the initial setup by Recorded Future and must be replaced in certain fields as indicated below:

• Post-back URL (also called ACS / Assertion Consumer Service URL or Sign-In URL): 

https://sso.recordedfuture.com/login/callback?connection=SSO_KEY

• Entity ID of the Service Provider (Recorded Future) default value:

urn:auth0:recordedfuture:SSO_KEY

• • If available use: 

connection.options.entityId

• SAML Request Binding (also called the Protocol Binding): sent to the IdP from Auth0. If possible, dynamically set the value based on connection.options.protocolBinding:

If dynamically setting the value is not possible, set as either HTTP-Redirect (default) or HTTP-POST if selected in Protocol Binding

• The SAML Response Binding: how the SAML token is received by the SP from IdP, set as HTTP-Post

• The NameID format: unspecified

• The SAML assertion and the SAML response can be individually or simultaneously signed.

• The SingleLogout service URL, where the SAML Identity Provider will send logout requests and responses. SAML logout requests must be signed by the Identity Provider.

https://sso.recordedfuture.com/logout

• Metadata: Some SAML Identity Providers can accept importing metadata directly with all the required information. You can access the metadata for your specific connection here:

https://sso.recordedfuture.com/samlp/metadata?connection=SSO_KEY