Authenticating via SAML
Another alternative to managing users locally is to use SAML authentication, where an Identity Provider (IdP) is the entity providing the identities, including the ability to authenticate a user.
SAML authentication is set up manually by providing an access manager plugin in the console’s configuration.properties file. Please see Console server configuration below for more information.
In the SAML Identity provider (IdP) you need to specify the single sign on URL as:
You have the option of passing the following parameters along in the sign on:
Parameter
Values
UserType
Admin/User/Super/Security
UserLocale
Any valid locale. Default is en_US
UserTimeZone
Any valid time zone. Default is GMT
UserName
User full name. Default is SAML ID
UserEmail
User email. Default is SAML ID
UserRole (can be multiple)
Any valid role
UserIU
Classic/Portal. Defaults to console default
One of UserType or UserRole MUST be provided. If a role is provided, but no type, the type will be set to User.
Last updated