GlobalProtect integrated login

Showing results for 
Show  only  | Search instead for 
Did you mean: 

GlobalProtect integrated login

L0 Member


We currently have GlobalProtect setup with always-on, with certificate logon and credentials (via RADIUS via AD). Right everything is working as designed. We have a desire to remove the manual login once globalprotect launches in the user session (so one logon; just Windows). How do we enable GlobalProtect to automatically logon while using the users AD credentials or kerberos ticket? We have the option to use SAML via Okta.  


Hi @mrt3385 ,

Am I undrestating you correctly:

- GlobalProtect is successfully establishing pre-logon tunnel with user certificate, before user is logon to Windows

- After user authenticates and logon in Windows, GlobalProtect prompts the user to enter credentials where.

Is this correct?


If I understand correctly, GlobalProtect support Single Sign-On (SSO) and can use the same credentials the user has entered to logon to Window and pass it to authenticate after user logon.

SSO needs to be enabled under GP portal -> Agent -> App settings


In addition GlobalProtect credential provide needs to be set as default



You are correct; after the user logs in, they are prompted by GlobalProtect to enter their credentials again. We do have SSO for windows turned on. I'm wondering if SSO is only supported for certain authentication mechanisms. 


Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!