Skip to main content

Configuring Single Sign-On (SSO)

You can configure CxSAST to automatically use the Windows credentials of the user that is logged on to Windows, so that registered domain users do not need to independently log into CxSAST.


  • Single sign-on authentication is available only to Active Directory users.

  • The instructions below apply to IIS 8, 8.5 and 10.

To configure single sign-on (SSO):

1. Make sure that the CxSAST server is in the organizational domain.

2. On the CxSAST server, activate IIS Windows Authentication. In a distributed deployment, you have to activate IIS Windows Authentication on the CxManager.

3. Open the IIS Manager, and apply Windows Authentication to the CxSAST web services.

4. On the CxSAST server, open the following file for editing:

<Installation path>\Checkmarx\CheckmarxWebPortal\Web\web.config , for example C:\Program Files\Checkmarx\CheckmarxWebPortal\Web\web.config

5. Under <appSettings>, navigate to the UseSSOLogin key, and change its value to true as noted below:

<add key="UseSSOLogin" value="true"/>

CxSAST Active Directory users who are logged on to Windows can now access CxSAST without logging on to CxSAST separately.