ENTERPRISE

Configuring user groups and permissions for SSO in Burp Suite Enterprise Edition

• Last updated: April 24, 2023

• Read time: 2 Minutes

You can use SAML to configure user groups and permissions. You can also combine SAML with SCIM. This enables you to use SAML for authentication and SCIM to manage users and user groups.

Combining SAML with SCIM provides greater transparency because it enables you to view key details about your users and groups from Burp Suite Enterprise Edition.

Before you can use SAML to configure user groups, you need to set up an LDAP or SAML connection for single sign-on (SSO):

• Configuring LDAP.
• Configuring SAML.

Creating groups with SAML

This section describes how to create groups using SAML without SCIM integration:

1. Log in to Burp Suite Enterprise Edition as an administrator.
2. From the Team menu, select Groups.
3. Click New group.
4. Create a new group representing each of the groups of users in your Active Directory or SAML identity provider. Make sure that the groups you create have the same names as the ones you send from Active Directory or your SAML identity provider.
5. If you manage your users directly in Azure Active Directory, you will need to use the Group ID instead. For more information, see Configuring SAML SSO with Azure Active Directory.
6. Assign roles to your groups as required. If you do not assign any roles, users can log in but they can't access any functionality.
7. Apply site restrictions for each group as necessary. This limits which sites users in each group can access.

Users can now log in to Burp Suite Enterprise Edition using their existing credentials. For SAML SSO, users need to click the link on the login page to authenticate themselves via your identity provider.