Authenticating via SAML
Another alternative to managing users locally is to use SAML authentication, where an Identity Provider (IdP) is the entity providing the identities, including the ability to authenticate a user.
SAML authentication is set up manually by providing an access manager plugin in the console’s configuration.properties file. Please see Console server configuration below for more information.
In the SAML Identity provider (IdP) you need to specify the single sign on URL as:
You have the option of passing the following parameters along in the sign on:
Parameter | Values |
UserType | Admin/User/Super/Security |
UserLocale | Any valid locale. Default is en_US |
UserTimeZone | Any valid time zone. Default is GMT |
UserName | User full name. Default is SAML ID |
UserEmail | User email. Default is SAML ID |
UserRole (can be multiple) | Any valid role |
UserIU | Classic/Portal. Defaults to console default |
One of UserType or UserRole MUST be provided. If a role is provided, but no type, the type will be set to User.
Last updated