This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

    Disable Password Authentication (SaaS)

    Sysdig Platform supports disabling password-based authentication on both SaaS and on-prem deployments. As an administrator (super administrator for on-prem), you can use an API to achieve it. This configuration is applicable to those who use single sign-on.

    For On-Prem environments, see Disable Password Authentication.

    SaaS Deployments

    As an administrator, perform the following:

    1. Get the Sysdig Platform settings:

      See SaaS Regions and IP Ranges and identify the correct domain URL associated with your Sysdig application and region. For example, for Sysdig Monitor on US East is:


      For other regions, the format is https://<region> Replace <region> with the region where your Sysidig application is hosted. For example, for Sysdig Monitor in the EU, you use

    2. Find the ID of the active SSO setup:

    3. Retrieve the specific settings associated with the SSO setup:


      The setting is displayed in a JSON file.

    4. In the JSON file, change the following from false to true:

      settings/forbidPasswordLogin: True
    5. Update the setting with a request to the same URL with the same JSON, with the changed parameter. URL depends on the type of deployment.


    Migrating from the ConfigMap Method

    Previously, the sysdigcloud.restrict.password.login parameter in the Kubernetes ConfigMap has been used to disable password authentication. After installing 3.2.0, deployments utilizing the sysdigcloud.restrict.password.login settings will be automatically migrated to use the new settings.