User management with SAML authentication and authorization

When you use SAML SSO for user authentication and authorization, Informatica Intelligent Cloud Services verifies the user credentials each time a user attempts to sign on. It also gets the user's SAML groups and roles and assigns the user the corresponding Informatica Intelligent Cloud Services roles.
To use SAML SSO for authentication and authorization, enable the Map SAML Groups and Roles option on the SAML Setup page. For some identity providers, you can also choose to push user and group information to Informatica Intelligent Cloud Services using SCIM 2.0.
When you enable the Map SAML Groups and Roles option, you must map Informatica Intelligent Cloud Services roles to SAML groups and roles on the SAML Setup page. Mapping roles and groups ensures that users have the appropriate levels of access to Informatica Intelligent Cloud Services assets. You cannot configure user roles or groups for these users individually in Administrator.
If the SAML groups that you map on the SAML Setup page do not exist in Informatica Intelligent Cloud Services, Informatica Intelligent Cloud Services creates user groups for them. You can view these groups on the User Groups page, but you cannot edit the group information or change the group members.
Informatica Intelligent Cloud Services ignores any SAML groups and roles that are returned in the SAML token but are not mapped on the SAML Setup page.
When you use SAML for authentication and authorization, users are managed in the following ways:
New users with auto-provisioning
When a new user signs on to Informatica Intelligent Cloud Services for the first time and auto-provisioning is enabled, Informatica Intelligent Cloud Services gets the SAML roles, groups, and user attributes from the SAML token and stores them in the repository. It creates and authenticates the user and assigns the user the Informatica Intelligent Cloud Services roles that are mapped on the SAML Setup page.
If there are no roles or groups in the SAML token, Informatica Intelligent Cloud Services fails the login.
New users without auto-provisioning
If auto-provisioning is disabled, users are not automatically added to the organization when they attempt to sign on to Informatica Intelligent Cloud Services for the first time. You must create the user in Administrator.
Existing users
When an existing user signs on, Informatica Intelligent Cloud Services authenticates the user and gets the SAML roles, groups, and user attributes from the SAML token. If this information has changed since the last login, Informatica Intelligent Cloud Services updates the user attributes and roles.
You can also create a native user account with credentials in Administrator, and the user credentials are saved in the Informatica Intelligent Cloud Services repository. If you do this, the user must log in to Informatica Intelligent Cloud Services directly instead of using single sign-on. You can delete these user accounts in Administrator.
For all SAML users, the information in the user profile is read-only except for the time zone. The password and security question do not appear in the user profile.
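
The sign-on rules described above, modeled as an added Python example (not Informatica code): it reads the groups and roles from a test assertion and reports which mapped roles a new user would receive and which names are ignored. The attribute names, the mapping table, the role names and the sample assertion are constructed assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumptions: attribute names are IdP-specific; role names are placeholders.
GROUP_ATTR, ROLE_ATTR = "groups", "roles"
GROUP_MAP = {"etl-admins": "IICS_ROLE_A", "etl-devs": "IICS_ROLE_B"}
ROLE_MAP = {"monitor": "IICS_ROLE_C"}

# Constructed test assertion (unsigned). Audit aid only: no signature or
# condition checks, so never use this to decide a real login.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:AttributeStatement>
  <saml:Attribute Name="groups">
   <saml:AttributeValue>etl-admins</saml:AttributeValue>
   <saml:AttributeValue>hr-all-staff</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute Name="roles"><saml:AttributeValue>monitor</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement>
</saml:Assertion>"""

def values(root, name):
    """Return the non-empty AttributeValue strings of one SAML attribute."""
    path = f".//saml:AttributeStatement/saml:Attribute[@Name='{name}']/saml:AttributeValue"
    return [v.text.strip() for v in root.findall(path, NS) if v.text and v.text.strip()]

def resolve(assertion_xml):
    """Split token groups/roles into assigned roles and ignored (unmapped) names."""
    root = ET.fromstring(assertion_xml)
    assigned, ignored = set(), []
    for attr, mapping in ((GROUP_ATTR, GROUP_MAP), (ROLE_ATTR, ROLE_MAP)):
        for name in values(root, attr):
            if name in mapping:
                assigned.add(mapping[name])
            else:
                ignored.append(f"{attr}:{name}")
    empty = not (values(root, GROUP_ATTR) or values(root, ROLE_ATTR))
    return {"assigned": sorted(assigned), "ignored": ignored, "empty_token": empty}

def first_sign_on(assertion_xml, auto_provision):
    """Outcome for a user who is not yet in the organization."""
    if not auto_provision:
        return "not created: add the user in Administrator"
    result = resolve(assertion_xml)
    if result["empty_token"]:
        return "login fails: no roles or groups in token"
    if not result["assigned"]:
        return "review: nothing in token is mapped (outcome not stated in this page)"
    return "user created with roles: " + ", ".join(result["assigned"])
```

Running resolve() over assertions captured from a test identity provider shows which group names would be silently ignored because they are missing from the mapping.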
