This article summarizes the officially supported Identity Providers (IdPs) for Cato’s Single Sign-On (SSO) features.
Overview
Cato supports a wide range of OIDC-compatible IdPs to securely authenticate users and admins. These are the features that support SSO:
Remote Users – User authentication to the Cato Client
CMA Admins – Admin login to the Cato Management Application
Browser Access – Authentication flows through the Application Portal
Browser Extension – Authentication via browser extension (where applicable)
Enterprise Browser - Authentication via enterprise browser
Headless Authentication – Automated authentication flows without user interaction (for Linux OS)
For more about using SSO with your Cato account, see Configuring SSO and the Subdomain for the Account.
IdP Support Matrix
The table below shows which SSO authentication capabilities are supported for each Identity Provider (IdP).
Identity Provider | Remote Users | CMA Admins | Browser Access | Browser Extension | Enterprise Browser | Headless Auth |
|---|---|---|---|---|---|---|
Yes | Yes | Yes | Yes | Yes | Yes | |
Yes | No | Yes | Yes | Yes | No | |
Yes | Yes | Yes | Yes | Yes | No | |
Yes | Yes | Yes | Yes | Yes | No | |
Yes | No | Yes | Yes | Yes | No | |
Yes | Yes | Yes | Yes | Yes | No | |
Yes | No | Yes | Yes | Yes | No | |
Yes | No | Yes | No | No | No | |
Yes | Yes | Yes | Yes | Yes | No | |
Yes | Yes | Yes | Yes | Yes | Yes | |
Yes | Yes | Yes | No | No | No | |
Yes | Yes | No | No | No | No | |
Yes | Yes | No | No | No | No | |
Yes | Yes | Yes | Yes | Yes | No | |
Yes | No | Yes | No | No | No | |
Yes | No | Yes | No | No | No |