Control How Operators Log In to WatchGuard Cloud
You can edit an operator to change how they log in to WatchGuard Cloud. When you add a new operator to your tier-1 Service Provider or tier-1 Subscriber account, by default, the operator can use their WatchGuard user name and password to log in to WatchGuard Cloud.
After a new operator sets their password to complete the setup, you can use these two settings to change the way the operator logs in:
- Enable Login with WatchGuard Credentials — Allows an operator to log in with their WatchGuard user name and password. This setting is enabled by default for a new operator.
- Enable Login with SAML SSO — Allows an operator to log in with their existing credentials from an Identity Provider (IdP). When the operator logs in to one WatchGuard service, they do not have to authenticate again to log in to other WatchGuard services. To use this setting, you must first configure SAML SSO for your account. For more information, go to Configure SAML Single Sign-On for Your Accounts in WatchGuard Cloud.
Based on the options you select, the login behavior is different.
Enable Login with WatchGuard Credentials | Enable Login with SAML SSO | Login Behavior |
---|---|---|
Selected | Selected | The operator can log in with their WatchGuard credentials or with SAML SSO. |
Selected | Cleared | The operator can only log in with their WatchGuard credentials. |
Cleared | Selected | The operator can only log in with SAML SSO. |
Cleared | Cleared | The operator cannot log in to WatchGuard Cloud. The operator status is set to Inactive. |
Your operator role determines what you can see and do in WatchGuard Cloud. Your role must have the Configure Operators permission to view or configure this feature. For more information, go to Manage WatchGuard Cloud Operators and Roles.
Allow an Operator to Log In with WatchGuard Credentials
To allow an operator to log in with WatchGuard credentials:
- Log in to WatchGuard Cloud.
- Select Administration > Operators and Roles.
- On the Operators page, click the user name for the operator.
The Operators and Roles page opens. - Select the Enable Login with WatchGuard Credentials check box.
- Click Save.
Allow an Operator to Log In with SAML SSO
To allow an operator to log in with SAML SSO:
- Log in to WatchGuard Cloud.
- Select Administration > Operators and Roles.
- On the Operators page, click the user name of the operator.
The Operators and Roles page opens. - Select the Enable Login with SAML SSO check box.
- Click Save.
Configure SAML Single Sign-On for Your Accounts in WatchGuard Cloud