Signing in to Cisco Defense Orchestrator

To log in to Cisco Defense Orchestrator (CDO), a customer needs an account with a SAML 2.0-compliant identity provider (IdP) and a multi-factor authentication provider.

The IdP account contains the user's credentials, and the IdP authenticates the user based on those credentials. Mutli-factor authentication provides an added layer of identity security. The CDO user record primarily contains the username, the CDO tenant with which they are associated, and the user's role. When a user logs in, CDO tries to map the IdP's user ID to an existing user record on a tenant in CDO. The user is logged in to that tenant when CDO finds a match.

Unless your enterprise has its own single sign-on identity provider, your identity provider is Cisco Secure Sign-on. Cisco Secure Sign-On uses Duo for multi-factor authentication. Customers can integrate their own IdP with CDO if they choose.


Step 1

Open an internet browser and navigate to

Step 2

Log in to your Cisco Secure Sign-on Account.

Step 3

Click the tile for CDO.

Step 4

Log in to your CDO tenant.

When you log in for the first time on the CDO tenant as a Choice Admin, you need to fill in your details to develop a basic profile in our database. For more information, see Secure Connect Choice Customer Registration Form

The Secure Connect Choice dashboard page appears if you have completed the customer registration form. For more information, see Secure Connect Choice Overview Dashboard.