How to Configure SAML 2.0 for Cisco Umbrella

Read this before you enable SAML

Enabling SAML will affect all users who use this application, which means that users will not be able to sign-in through their regular log-in page. They will only be able to access the app through the Okta service.

Backup URL

Cisco Umbrella does not provide backup log-in url where users can sign-in using their normal username and password. You can email Cisco Umbrella support to turn off SAML, if necessary.


Supported Features

The Okta/Cisco Umbrella SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.

Configuration Steps

  1. Login to your Cisco Umbrella account.

  2. Navigate to Admin > Authentication, then click ENABLE SAML:

  3. Select Okta, then click NEXT:

  4. Follow the steps below:

    • Save the following metadata as metadata.xml, then select XML File Upload and upload it to Cisco Umbrella:

      Sign into the Okta Admin dashboard to generate this value.

    • Click TEST CONFIGURATION to verify the SAML settings:

    • Wait for the Success! message, then click NEXT:

  5. Select all the checkboxes,then click SAVE AND NOTIFY USERS:

  6. Done!


SP-initiated SSO

  1. Go to: https://login.umbrella.com/sso

  2. Enter your Email, then click LOG IN: