You can configure authentication policies that specify the types of authentication that administrators must complete to sign in to the management console and users must complete to activate the Aurora Protect Mobile app and the Gateway agent. A transitioning screen appears briefly before the management console is accessed.

If you sign in with an external IDP that was configured for custom authentication in the management console (Settings > Custom Authentication), you must continue to sign in using the 'Or sign in with your External Identity Provider' link with your external third-party IDP credentials. Arctic Wolf recommends that you configure your external IDP configuration as an authenticator so that you can use an authentication policy to sign in with your third-party IDP credentials from the main sign in screen. This provides more granularity and flexibility in the authentication configuration. For more information on how to configure your external IDP as an authenticator, see Migrate external IDPs from Custom Authentication to an authenticator.

If you configured your external IDP configuration as an authenticator before December 2023, users will be unable access the Endpoint Defense console directly from their external IDP user portal using single sign on. To enable this feature, you must generate a new Aurora Endpoint Security single sign-on login request. For more information on how to enable IDP-initiated sign in to the Endpoint Defense console, see Configure authentication for sign-in.