Knowledge Base

Discovery and Automation capabilities when SAML is enabled on CertCentral Account

Solution ID : SO050221222202
Last Modified : 10/21/2023

Scenario

  1. Automation behaves erratically when a user tries to create a profile or perform automation tasks (for example, the user is not able to add a profile).
  2. Discovery notifications do not work even when they are enabled.

Cause

CertCentral supports enabling SAML on an account. This allows customers to use their SSO credentials to log in to CertCentral (e.g. Okta).

For a given user, CertCentral also allows administrators to limit the user to logging in only through SSO.

If this option is enabled for a user, CertCentral doesn't allow that user to log in with a password or to create API keys.

Discovery and Automation rely on API keys to interface with CertCentral. Hence, these features will not work for users who have the SSO-only option enabled.

Solution

Check whether Discovery and Automation API keys exist for the user.

  1. Disable the SSO-only option at the user level.
  2. If the customer has to enforce SSO, then as a workaround:
       1. Disable the SSO-only option.
       2. Ask the user to log in to the account and access the Discovery and Automation sections.
       3. The API key will be auto-generated.
       4. Enable the SSO-only option.
     
Note: The above steps will need to be repeated if the API key is revoked for any reason.