Administration | SGNL
Steps to administer SGNL, from configuring sign-in to SGNL, to troubleshooting unexpected policy decisions in the system.| help.sgnl.ai
Steps to administer SGNL, from configuring sign-in to SGNL, to troubleshooting unexpected policy decisions in the system.| help.sgnl.ai
Welcome to the SGNL Help Center Welcome to the SGNL Help Center. Here you will find articles that will help you to understand how to complete common tasks, guides to help troubleshoot SGNL, and guides to help teach you more about the SGNL platform. To get started select one of the sections below or from the sidebar.| SGNL
Adapters Adapters are proxy-like services that are used by SGNL to communicate to their respective Systems of Record. The figure above depicts where adapters are placed in the ingestion flow from the SoRs to the SGNL platform. Adapters communicate with SoR APIs in a protocol the SoR supports and retrieve data about resources and their attributes. The received response from the SoR is transformed to a SGNL format that allows it to ingest data from the SoR into the SGNL graph. There are two typ...| SGNL
Entities and Relationships Systems of Record (SoR) provide SGNL with valuable business context in order to make policy decisions. When you configure a System of Record, you tell SGNL how to connect to the source, as well as describe the types of objects and attributes you want to bring into the SGNL graph.| SGNL
Creating and Managing Template Catalogs A catalog is a collection of SoR YAML templates stored in a version control system. SGNL currently supports adding GIT repositories as catalogs through the SGNL console. Therefore, any GIT service provider that supports the GIT protocol over HTTPS can be added to SGNL as a SoR Catalog.| SGNL
Catalogs and Templates for Systems of Record SGNL gives users total control over the creation and management of Systems of Records through Catalogs and Templates. Briefly, a catalog is a collection of template files in YAML format. Templates define Systems of Records, the supported authentication methods, entities, attributes and relationships between entities. The following diagram shows how catalogs and templates are structured:| SGNL
Systems of Record Templates SoR Templates allow you to define and manage your System of Record integrations with SGNL through YAML files - one per SoR. YAML is a human-readable data serialization format commonly used for configuration files. SoR templates follow a predefined structure and allow you to define configuration/metadata, authentication mechanisms, and synchronization behavior. Moreover, you can also specify the schema for entities you would like SGNL to ingest as well as their attr...| SGNL
Creating and Configuring an Active Directory System of Record Prerequisites Active Directory Domain Controller with LDAP/LDAPS enabled Service Account with read permissions to Active Directory objects (users, groups, and any other entities you wish to synchronize) SGNL User Account with Admin privileges Network connectivity between SGNL and your Active Directory Domain Controller(s) For LDAP: Port 389 (default) or custom port For LDAPS: Port 636 (default) or custom port (For LDAPS) SSL certif...| SGNL
Creating and Configuring an Entra ID System of Record Prerequisites Entra ID Account with Administrative privileges to Register Apps and Consent to User/Group Read Access in the Microsoft Graph SGNL User Account with Admin privileges Permissions Required SGNL firmly believes in the principle of least privilege, as such - only the access required to achieve your authorization use-cases should be granted. SGNL requires an App to be registered in the Entra ID Tenant to be synchronized that has r...| SGNL
Creating and Configuring an Azure API Management System of Record Prerequisites A running Azure API Management Service Permissions Required Permissions to Administer Azure API Management through an Azure RBAC Role, or delegated permissions Configuring Azure API Management Launch the Azure API Management blade from the Azure Portal| SGNL
Ingesting Entities from an AWS S3 Bucket Apart from connecting to live Systems of Record and ingesting data into the SGNL Graph, SGNL also allows you to ingest CSV files from an AWS S3 bucket for your System of Record’s entities.| SGNL
Creating and Configuring a BambooHR System of Record BambooHR is a comprehensive human resources information system (HRIS) that provides essential employee data and organizational context for access control decisions. By integrating BambooHR with SGNL, you can establish relationships between employees, supervisors, departments, and roles that enable sophisticated policy-based access control throughout your organization.| SGNL
Creating and Configuring a Curity System of Record Prerequisites A running instance of Curity Identity Server, including: Curity User Management Curity Token Service A Curity service running on an HTTPS endpoint to enable secure token exchange Permissions Required The Curity ‘read’ scope for the Client SGNL will use Configuring Curity Login to the Curity Admin Web Service and browse to the Token Service Profile| SGNL
Creating and Configuring a CrowdStrike System of Record Prerequisites SGNL User Account with at least Protected System Admin and Log Reader (or Global Reader) privileges to your SGNL Client. Crowdstrike Admin Account, able to generate OAuth Clients with Identity Protection scopes Configuring CrowdStrike Generating Client Credentials Log in to the CrowdStrike Console. From the left menu, select Support and Resources, then API Clients and Keys. Create an API Client by selecting “Create API Cl...| SGNL
Creating and Configuring a Duo System of Record Prerequisites SGNL User Account with at least Protected System Admin and Log Reader (or Global Reader) privileges to your SGNL Client. Duo Account with privileges to create API applications and retrieve keys and secrets [Not from the Sources]. Configuring Duo Generating an API Key Log in to the Duo Console. From the left menu, select Applications and then Admin API. Copy your Integration Key, Secret Key, and API Hostname and store them somewhere...| SGNL
1. Introduction Adapters are proxy-like services that are used by SGNL to communicate to their respective Systems of Record (SoR). The figure above depicts where adapters are placed in the ingestion flow from the SoRs to the SGNL platform. Adapters communicate with SoR APIs in a protocol the SoR supports and retrieves data about resources and their attributes. The received response from the SoR is transformed to a SGNL format that allows it to ingest data from the SoR into the SGNL graph.| SGNL
Creating and Configuring a Jira Cloud System of Record Prerequisites An Atlassian account with the following permissions: Read all Jira Users Read all Jira Issues Configuring Jira Cloud Go to Atlassian ID Portal and login with an account you will use to synchronize data from Jira to SGNL| SGNL
Creating and Configuring a Jira Data Center System of Record Prerequisites A Jira Data Center instance with an account that has the following permissions: Read access to Users Read access to Issues Read access to Groups For Username/Password authentication: Valid credentials for a user with the above permissions For Personal Access Token authentication: A valid PAT created in Jira Data Center Network connectivity requirements: SGNL requires inbound connectivity to your Jira Data Center instan...| SGNL
Creating and Configuring an Okta System of Record Prerequisites An Okta User account with elevated privileges to read the Okta APIs Permissions Required Ability to add a new API Service Integration with scopes: okta.users.read, okta.groups.read Ability to generate an Okta API Key (if using an API Key method of authentication) Ability to read User and/or Group objects that are needed to be synchronized to SGNL Configuring Okta Using OAuth2 with an API Service Integration Login to your Okta Org...| SGNL
Creating and Configuring an AWS System of Record Amazon Web Services (AWS) Identity and Access Management (IAM) integration provides comprehensive visibility into your AWS account’s identity infrastructure, bringing critical cloud identity and permission data into SGNL for sophisticated access control decisions. This integration focuses specifically on IAM entities including users, roles, groups, policies, and their complex relationships within your AWS environment.| SGNL
Creating and Configuring a Google Workspace System of Record Google Workspace provides comprehensive organizational identity and collaboration data that serves as a foundational element for sophisticated access control decisions. By integrating Google Workspace with SGNL, you bring essential user information, organizational structure, group memberships, and administrative context into your access control framework, enabling policies that reflect how your organization actually operates and col...| SGNL
Creating and Configuring a HashiCorp Boundary System of Record HashiCorp Boundary provides secure, identity-based access to dynamic infrastructure resources, bringing critical infrastructure access context into SGNL for sophisticated access control decisions. By integrating Boundary with SGNL, you gain comprehensive visibility into who is accessing which infrastructure resources, their session patterns, credential usage, and the hierarchical scope structures that govern resource access within...| SGNL
Creating and Configuring an Entity Push System of Record Early Access Feature: Entity Push Systems of Record are currently available as an Early Access feature. This feature enables real-time updates to the SGNL graph through SCIM Security Event Tokens (SETs), providing real-time graph updates for use in policy evaluation and CAEP Hub.| SGNL
Creating and Configuring a SailPoint IdentityIQ System of Record SailPoint IdentityIQ provides comprehensive identity governance and administration (IGA) capabilities that bring critical compliance, risk management, and identity lifecycle context into SGNL for sophisticated access control decisions. By integrating IdentityIQ with SGNL, you gain deep visibility into user identities, role assignments, entitlement management, policy violations, approval workflows, and the complete governance lif...| SGNL
Creating and Configuring an SSF CAEP Event System of Record Shared Signals Framework (SSF) CAEP Events provide real-time security event streaming capabilities that enable Continuous Access Evaluation Protocol (CAEP) for dynamic access control decisions. Unlike traditional Systems of Record that synchronize static data, the CAEP Events integration receives real-time security events that signal changes in user security posture, device compliance, session status, and authentication context acros...| SGNL
Creating and Configuring an SSF RISC Event System of Record Shared Signals Framework (SSF) RISC Events provide real-time risk and incident sharing capabilities that enable immediate response to account security events and identity lifecycle changes. Unlike traditional Systems of Record that synchronize static data, the RISC Events integration receives real-time security events that signal critical account state changes, credential compromises, and identity risk events across your identity eco...| SGNL
Creating and Configuring a PagerDuty System of Record Prerequisites A PagerDuty Account with Admin privileges to create API key and/or Register Apps Configuring PagerDuty Go to PagerDuty Portal and login with an account you will use to synchronize data from PagerDuty to SGNL| SGNL
Creating and Configuring a Sailpoint IdentityNow System of Record Prerequisites Sailpoint Account with permissions to create API Keys in Sailpoint and assign Scopes SGNL User Account with at least Protected System Admin and Log Reader (or Global Reader) privileges to your SGNL Client Configuring Sailpoint IdentityNow Using OAuth2 with Client Credentials Flow Note This flow is suitable for those objects in Sailpoint that do not require admin or user context, Accounts and Entitlements (and the ...| SGNL
Best Practices for Managing and Securing Protected Systems Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In other guides, we’ve explored implementation and management specifics for types of Protected Systems, however in this guide, we’ll explore Best Practices associated with any system you might onboard to SGNL. This guide will discuss default and recommended settings for the Protected System, as well as managing and main...| SGNL
Protecting a System with a SGNL SDK Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll explore using one of SGNL’s SDK as the enforcement point for policy decisions made in the SGNL Platform. For a complete overview of how to evaluate access in your application or service from a SGNL SDK, visit our developer documentation.| SGNL
Protecting Apigee with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll enhance access control for your APIs by integrating SGNL with Apigee to enable continuous access evaluations. If you’re not sure if an Apigee and SGNL Integration is right for your enterprise, visit our Apigee Blog Post or watch the video below to learn more.| SGNL
Protecting Auth0 App Sign-In with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how to achieve fine-grained access control at sign-in time with Auth0 and SGNL, enabling the right amount of access to applications and infrastructure configured with Auth0. If you’d like to learn more about whether fine-grained Sign-In Policies with Auth0 and SGNL is right for your enterprise, visit our SGNL ...| SGNL
Protecting AWS Access with Okta and SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how to achieve fine-grained access control inside of AWS with Okta and SGNL, enabling the right amount of access to infrastructure and data inside of AWS. If you’d like to learn more about whether securing AWS with Okta and SGNL is right for your enterprise, visit our Securing AWS Blog or watch the video bel...| SGNL
Protecting AWS API Gateway with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll enhance access control for your APIs by integrating SGNL with AWS API Gateway to enable continuous access evaluations. If you’re not sure if an AWS API Gateway and SGNL Integration is right for your enterprise, visit our AWS API Gateway Blog Post or watch the video below to learn more.| SGNL
Protecting AWS IAM Identity Center Access with SGNL and an IdP Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how to achieve fine-grained access control inside of AWS Identity Center with SGNL, enabling dynamic, contextual access to infrastructure and data inside of AWS.| SGNL
Protecting Azure API Management with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll enhance access control for your APIs by integrating SGNL with Azure API Management (APIM) to enable continuous access evaluations. If you’re not sure if an APIM and SGNL Integration is right for your enterprise, visit our Azure API Management (APIM) Blog Post or watch the video below to learn more.| SGNL
Protecting Entra ID SSO with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how to achieve fine-grained access control at sign-in time with Entra ID and SGNL, enabling the right amount of access to applications and infrastructure connected to Entra ID.| SGNL
Protecting GCP Access with Okta and SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how to achieve fine-grained access control inside of Google Cloud Platform with Okta and SGNL, enabling the right amount of access to infrastructure and data inside of GCP. Google Cloud recently released Workforce Identity Federation, enabling fine-grained access management for federated users, authenticating ...| SGNL
Protecting Linux Systems with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll enhance access control for your Linux Servers by integrating them with SGNL’s Pluggable Authentication Module (PAM) for Linux.| SGNL
Protecting Microservices with Envoy Proxy and SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how to enhance access control for your Microservice infrastructure via an integration betweem SGNL and Envoy Proxy. In doing so, we’ll enable continuous, centralized access management that leverages a central set of human-readable policies.| SGNL
Protecting Mulesoft with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll enhance access control for your APIs by integrating SGNL with Mulesoft to enable continuous access evaluations. Not only will adding SGNL enhance the overall security posture of your API Gateway/Management Platform, it will also provide centralized control, visibility, and audit for access to business critical APIs. If you’re n...| SGNL
Protecting Okta App Sign-In with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how to achieve fine-grained access control at sign-in time with Okta and SGNL, enabling the right amount of access to applications and infrastructure connected to Okta. If you’d like to learn more about whether fine-grained Sign-In Policies with Okta and SGNL is right for your enterprise, visit our Securing AWS...| SGNL
Protecting OPA-Enabled Apps with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll explore how to enhance the access control being delivered through OPA, with a continuous, centralized access management platform like SGNL. If you’re wondering whether an integration between your OPA-enabled applications and SGNL is right for your enterprise, you can learn more on the Implementing Adaptive Access Manage...| SGNL
Protecting Salesforce with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how SGNL can add continuous and contextual access management to compliment the existing policies you have within Salesforce.| SGNL
Protecting ServiceNow with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll describe how SGNL can add continuous and contextual access management to compliment the existing policies you have within ServiceNow.| SGNL
Creating and Configuring a MySQL System of Record Prerequisites An existing MySQL instance accessible by SGNL An existing MySQL User with privileges to SELECT from all desired Tables Knowledge of the schema for the Database and any Tables you want to import Permissions Required SGNL firmly believes in the principle of least privilege, as such - only the access required to achieve your authorization use-cases should be granted. The MySQL User requires privileges to SELECT from all desired Tabl...| SGNL
Creating and Configuring a Salesforce System of Record Prerequisites An existing secure Salesforce API user - note the username of this User as it will be needed to configure SGNL A basic understanding of the Salesforce OAuth Client Credentials Flow Permissions Required A service account with permissions to read any of the objects that need to be synchronized to SGNL Permissions to access the Salesforce API Configuring Salesforce As a first step, identify your unique Salesforce sub-domain, th...| SGNL
Creating and Configuring a SCIM-based System of Record Prerequisites A System of Record that supports SCIM 2.0 An account capable of reading the desired entities from the SCIM 2.0 SoR Configuring a SCIM-based System of Record Each SCIM-based System of Record (SoR) may behave slightly differently in the set of steps and flows required to configure a new service to interact with it.| SGNL
Creating and Configuring a ServiceNow System of Record Prerequisites ServiceNow Account with permissions to create User accounts and grant read access to entities that require synchronization to SGNL Activation of the ServiceNow Read Only RoleNote: The ServiceNow Read Only Role should not be the only role granted to the account synchronizing data from ServiceNow - it should be used in conjunction with other roles in order to strip extraneous permissions (Create/Modify/Delete) that are unneces...| SGNL
Creating and Configuring a Workday System of Record Prerequisites An existing Workday Organization Permissions Required Permissions to Register and Manage a Workday API Client Ability to delegate permission to Read Worker objects from the Workday REST WQL API Configuring Workday Search for Register API Client from Workday Search| SGNL
Custom Transforms in SGNL Protected Systems Introduction Custom Transforms in SGNL allow you to modify the structure and content of responses from the SGNL Access API and Search API, enabling you to tailor the output to meet the specific requirements of your Protected Systems. While SGNL has predefined transforms for platforms like Okta and Entra ID, Custom Transforms provide complete flexibility to format responses for any integration scenario.| SGNL
Ingesting Entities from a CSV File Apart from connecting to live Systems of Record and ingesting data into the SGNL Graph, SGNL also allows you to upload a CSV file for an entity. This enables you to ingest sample data representative of your organizational data, test policy snippets, and finalize them before connecting to your production Systems of Record.| SGNL
SGNL Policy Overview The following diagram shows how policies are structured in SGNL: SGNL Policies are designed to be human-readable sentences that define whether a principal (e.g. a user, service, robot) can perform some action (e.g. read, write, update, view) on an asset (e.g., a customer account, a document, a piece of infrastructure).| SGNL
Quickstart: Creating Effective Policies Introduction SGNL policies have been designed from the ground up with a goal to be human-readable, easy to understand, and simple to audit and maintain. With SGNL, we want to enable those that set organizational policies within an enterprise to have a seat at the table when policy is applied across applications and services.| SGNL
SGNL Policy Snippet Advanced Reference Introduction This document deals with advanced functions that go beyond the basic capabilities detailed in the SGNL Policy Snippet Reference. There are 2 advanced snippet capabilities that are available in the SGNL product today, these include:| SGNL
SGNL Policy Snippet Reference Introduction Policy Snippets and Policy Snippet Versions are critical components in Policy composition. This reference will discuss the scope of policy snippets and importantly, the semantics to be used when creating policy snippet versions that can be used in policies.| SGNL
Troubleshooting Access Decisions Introduction SGNL leverages business context from Data Sources in order to make just-in-time access decisions. In any organization, there will be times when an Administrator, Support User, or Audit/Compliance Specialist will need to understand why a specific access decision was made.| SGNL
Introduction to DataLens SGNL connects to a range of Systems of Record and ingests valuable business context into the SGNL Graph. Users can then build policies to make access decisions based on data in the SGNL Graph. In any organization, there will be times when an Administrator, Support User, or Audit/Compliance Specialist needs to explore and understand the ingested data and its relationships, and debug cases when a policy might not be behaving as expected.| SGNL
The Access Evaluations Service At the heart of the SGNL Access API suite is the Evaluations API, which addresses the following fundamental question that most organizations have with regards to access to protected assets:| SGNL
The Access Search Service The Access Search Service, or commonly, ’the Search API’ is divided into two parts. Most commonly, when referring to the Search API, one is discussing the Asset Search Service. This API answers the question:| SGNL
The Directory API The Directory API represents a powerful extension of SGNL’s Access Service suite, designed to address complex organizational data requirements that go beyond simple authorization decisions. While the other Access APIs answer questions about permissions and access, the Directory API answers a more nuanced question:| SGNL
CAEP Hub Trigger Overview Triggers in CAEP Hub are a lot like the Policy Snippets you’ve probably already used to build policies. Triggers enable you to look for patterns in the SGNL Graph and use the existence (or non-existence) of those patterns in Rules.| SGNL
CAEP Hub Action Overview CAEP Hub Actions are the things that actually go out and do all of the work for your CAEP Hub Rules, based on the state of a Trigger. SGNL has developed tens of out of box actions that use standards-based technology such as CAEP and Shared Signals Framework, as well as proprietary actions against leading SaaS vendors such as Microsoft Azure, AWS, Salesforce, and more. You can also create your own Actions using SGNL’s flexible Generic Webhook action that is available...| SGNL
CAEP Hub Rule Overview Rules bring together Triggers and Actions. They include a single Trigger, a Criteria, and the set of Actions to fire based on the Trigger and Criteria (for now, a type of Graph Change).| SGNL
Event Streams Event Streams Overview Event Streams enable SGNL to receive events that comply with the Security Event Token (SET) Specification. This includes Shared Signals Framework events like CAEP and RISC.| SGNL
Actions Quickstart Included below are some of the most common actions that end-users create in the SGNL CAEP Hub. The sections below are divided into Protected System Types, the most common actions therein, and details to include in fields to get moving with CAEP Hub quickly.| SGNL
Troubleshooting CAEP Hub This document describes the steps to troubleshoot CAEP Hub in your environment with some common issues that new users may face, and how to navigate them.| SGNL
Deployment Guide: Securing AWS with SGNL Eliminate Standing Access and secure AWS in real-time The problem: too much access, too often Modern cloud environments move fast. Engineers are on call 24/7. Incidents escalate in minutes. But access controls in AWS haven’t kept up.| SGNL
Configuring and Managing Labels in SGNL Prerequisites An Account with sufficient permissions to access SGNL Administrative settings Supported Features Labeling of: Systems of Record Protected Systems Policies Policy Snippets Including and Excluding objects based on the presence of one or more labels Up to 5 labels per object AND Operations between labels when filtering, i.e. Label1 and Label2 and not Label3 Creating and Managing Labels Labels are created and managed from within SGNL Admin.| SGNL
Configuring and Managing Permission Sets Introduction Permission Sets enable SGNL Administrators to grant granular control over the features and objects within the SGNL product. Permission Sets are groups of permissions, able to be assigned to Users and/or Teams to provide them with the level of access they need to complete their tasks.| SGNL
SGNL Service Availability The SGNL platform is designed to be resilient and provide continuous service to our customers. Measures are in place to maintain the availability of the platform and to enable consistent levels of performance. The platform is monitored for uptime, performance, and anomalies, and in the unlikely event of service degradation or disruption is detected, processes are in place to respond within a reasonable time frame and restore full functionality.| SGNL
Configuring and Managing Provider Hooks What are Provider Hooks? Provider Hooks enable an organization to quickly integrate critical infrastructure or identity services with SGNL, so that they can protect the many applications that rely on a specific provider with SGNL’s Privileged Identity Management Product.| SGNL
Creating and Configuring the On-Premises Connector This document provides step-by-step instructions for creating and configuring the SGNL On-Premises Connector using the SGNL Console. Step 1: Create On-Premises Connector Log in to the SGNL Console. Navigate to the Admin Page and select “On-Premises Connector”. Click on “+Add” to add a new On-Premises Connector. Enter the “Display Name” and “Description” for the Connector. Click “Add Connector” to complete the creation proc...| SGNL
Configuring Log Streaming Introduction SGNL can stream events to leading SIEM and storage providers while still making logs available within the SGNL Console and APIs. SGNL logs are formatted as individual JSON entries with a well-defined schema. An example access decision log entry takes the form of:| SGNL
Configuring SGNL for SSO with Google Workspace Prerequisites A SGNL user with an Admin role User accounts created in SGNL for any user wanting to perform SSO An understanding of the ‘Authentication’ steps detailed for Google Workspace A user with permissions in Google Workspace to configure OAuth Consent and an OAuth Client, as detailed in the above guide Configuring Google Workspace Google Workspace details the steps necessary to get going with Authentication for users in your Workspace ...| SGNL
Configuring Single Sign-On with Okta Prerequisites An Okta User account with permissions to create and configure Okta Integration Network (OIN) Apps, e.g. ‘Application Administrator’ Supported Features SGNL with Okta supports SP-Initiated Single Sign-On, you can initiate SSO by visiting your SGNL tenant’s sign-in page (e.g. https://{clientname}.sgnl.cloud/) SGNL supports Just-in-Time provisioning during SSO from Okta, wherein a new user will be granted Global Reader permissions inside o...| SGNL
Configuring SGNL for SSO with OpenID Connect Prerequisites A SGNL user with an Admin role User accounts created in SGNL for any user wanting to perform SSO A user with permissions in your IdP to add and configure an OpenId Connect (OIDC) integration, e.g. Okta AzureAD Other pre-requisites as defined by your Identity Provider (IdP) Configuring your Identity Provider Within your Identity Provider, you’ll need to register a new OpenId Connect Integration - the process for this varies widely ac...| SGNL
How to Use JSONPath in SGNL What is JSONPath? JSONPath is a query language for JSON, like XPath is for XML. It provides a way to navigate through and retrieve data from complex JSON structures by …| help.sgnl.ai
Creating and Configuring a GitHub System of Record Prerequisites A GitHub Personal Access Token, with scopes relevant to the entities that you want to sync into SGNL Basic Scopes: read:org, read:user, …| help.sgnl.ai
Protecting GitHub with SGNL Introduction Protected Systems are applications, services, or infrastructure that you want to protect with SGNL. In this guide, we’ll enhance access control for your …| help.sgnl.ai
Deployment Guide: Securing GitHub with SGNL Protect your code. Enforce just-in-time access in GitHub. The problem: persistent access to your source of truth GitHub is more than a version control …| help.sgnl.ai
