To date, accessing products and applications on Rapid7’s Insight platform has required customers to set up dedicated “local” user accounts, then log in by visiting insight.rapid7.com. However, many customers already have their own existing single sign-on (SSO) service set up that’s governed by an authorized identity provider (IdP), and they would prefer to be able to extend user access to their Rapid7 Insight account directly from there.

To help, we are introducing a new capability into the Rapid7 Insight platform to enable what is commonly referred to as identity provider-initiated login. When this feature is enabled, users can simply log in to their existing SSO service and navigate to the Insight platform application. This enables customers to maintain centralized administration of user access to all of their authorized applications and means that users can easily access all their applications from a single hub/location.

Why is this SSO feature needed?

This capability has been rolled out to allow Rapid7 customers to integrate their Insight applications with their existing SSO solution, thereby governing access from a central location (i.e., centralized administration). This allows their users to gain access to their Insight platform account directly after logging in to their SSO solution and avoids the need to have a separate user account and login for the Insight platform.

What does the user journey look like now?

With this feature enabled, users now log in to their existing SSO and see the Insight platform as an authorized application. Once they click the application, they are authorized to access the Insight platform through an identity provider-initiated SAML assertion.

What are the benefits of SSO?

This capability leads to an improved user experience, as customers can simply access the Insight platform using their existing SSO user account. They no longer have to log in separately via insight.rapid7.com. The change also supports extensible authentication options, as customers now have the ability to integrate access to their Insight applications with any SAML 2.0-compliant SSO solution. Setup is completely self-serve and intuitive, and can be done directly from an existing Rapid7 Insight account. More details can be found here.