The look, feel, and usability of the Application Portal sign-on is improved in the new application launcher portal. Choose your region of the world and launch into any of your Cisco Security products from the enhanced portal.

Sign In to Cisco Secure Sign-On Using Your Microsoft Azure Account

Now you're able to sign in to Cisco Secure Sign-On using your Microsoft Azure account.

• Who can use this method?

  Customers who use Microsoft Azure as their organization's identity provider (IdP).

• What do I do to enable this method?

  Depending on the customer’s Microsoft Azure configuration, it works transparently for the organization. Otherwise, once the first user attempts access, an administrator needs to approve it in the Azure portal. For configuration details, go to the Microsoft Docs website and see their Azure documentation on these topics:

  • assign a user or group to an enterprise app

  • grant tenant-wide admin consent to an app

  • configure the admin consent workflow

• Does this pull user identity attributes from the customer’s Microsoft Azure Active Directory (AD) profile?

  Yes, it pulls first name, last name, display name, title, mobile phone, and organization.

• Does this pull Azure group information and allow it to be recognized and used by applications secured by Cisco Secure Sign-On?

  No, group assignment and role permissions are handled by each Cisco application individually.

• Does this change the way I access applications that use Cisco Secure Sign-On?

  No, as long as you use the same username, you remain mapped into the applications just as before; it only changes the way you authenticate.

• Will I be able to keep and use both accounts?

  Yes and yes.

• How does this affect Cisco employees with an @cisco.com username?

  Cisco has not enabled Microsoft sign-in for @cisco.com accounts, so if you try to sign in using this method, you'll receive a failure message.

• What happens if I use the Sign in with Microsoft option, but I don’t have a Cisco Secure Sign-On account?

  This will work transparently for you and allow you to sign in directly, without having to create a separate account.

Sign In to Cisco Secure Sign-On Using Your Cisco.com Account

Now you're able to sign in to Cisco Secure Sign-On using your cisco.com account.

• How is this different than my Cisco Secure Sign-On account?

  This is your standard cisco.com account (formerly known as CCO), the same account used to access support, download software, and so on.

• Does this change the way I access applications that use Cisco Secure Sign-On?

  No, as long as you use the same username, you remain mapped into the applications just as before; it only changes the way you authenticate.

• Will I be able to keep and use both accounts?

  Yes and yes.

• How does this affect Cisco employees with an @cisco.com username?

  Cisco employees are encouraged to use the Sign in with Cisco.com option, so that we can recognize them as an employee in our metrics and ensure that they receive only one MFA prompt.

• What happens if I use the Sign in with Cisco.com option, but I don’t have a Cisco Secure Sign-On account?

  This will work transparently for you and allow you to sign in directly, without having to create a separate account.

URL Change

On March 24, 2020, the Cisco Secure Sign-On domain moved from security.cisco.com to sign-on.security.cisco.com to accommodate Cisco SecureX and then the new Application Portal after SecureX became obsolete. Update your bookmark and password manager (such as LastPass, 1Password, or DashLane) to reference the new URL.