SAML Authentication for Informatica Web Applications
In an Informatica domain, the Informatica web application is the service provider. Microsoft Active Directory Federation Services (ADFS) is the identity provider, which authenticates web application users against your organization's Active Directory identity store.
To enable the Informatica domain to use SAML-based single sign-on, you must create an LDAP security domain for Informatica web application user accounts and then import the users into the domain from Active Directory. You can use the Administrator tool to set up the connection to the Active Directory server and then import users into the security domain.
When a user logs in to an Informatica web application, the application sends a SAML authentication request to ADFS. ADFS authenticates the user's credentials against the user account information in Active Directory and then returns a SAML assertion token containing security-related information about the user to the web application.
You configure ADFS to issue SAML tokens to authenticate Informatica web application users. You must also export the Identity Provider Assertion Signing Certificate from ADFS and then import the certificate into the Informatica default truststore file on each gateway node in the domain.
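Because the signing certificate must be present on every gateway node, it is worth checking each node after the import. The following is an added example, not Informatica or Microsoft code: it compares the SHA-256 fingerprint of the exported certificate with the fingerprints in each node's truststore listing. It assumes the certificate was exported in Base-64 (PEM) form and that `keytool -list` output was collected from each node; the node names, alias and certificate bytes are constructed.

```python
import base64
import hashlib
import re

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)
# Matches both `keytool -list` ("Certificate fingerprint (SHA-256): ..") and
# `keytool -list -v` ("SHA256: ..") output.
FP_LINE = re.compile(
    r"(?:Certificate fingerprint \(SHA-?256\)|SHA256):\s*([0-9A-Fa-f:]{95})")


def colon_hex(der: bytes) -> str:
    """SHA-256 of the DER bytes, formatted the way keytool prints it."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def pem_fingerprint(pem_text: str) -> str:
    """Fingerprint of the first certificate in a Base-64 (PEM) export."""
    match = PEM_BLOCK.search(pem_text)
    if match is None:
        raise ValueError("no PEM certificate block found")
    return colon_hex(base64.b64decode("".join(match.group(1).split())))


def nodes_missing_cert(pem_text: str, listings: dict) -> list:
    """Names of nodes whose truststore listing lacks the exported certificate."""
    wanted = pem_fingerprint(pem_text)
    return sorted(
        node for node, listing in listings.items()
        if wanted not in {fp.upper() for fp in FP_LINE.findall(listing)})


# Constructed sample data: the bytes below stand in for a certificate, and the
# node names and alias are hypothetical.
_CURRENT = b"constructed stand-in for the current ADFS signing certificate"
_STALE = b"constructed stand-in for a replaced ADFS signing certificate"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(_CURRENT).decode()
              + "-----END CERTIFICATE-----\n")
SAMPLE_LISTINGS = {
    "gateway-node-1": "adfs-signing, Jan 1, 2024, trustedCertEntry,\n"
                      "Certificate fingerprint (SHA-256): " + colon_hex(_CURRENT),
    "gateway-node-2": "adfs-signing, Jan 1, 2023, trustedCertEntry,\n"
                      "Certificate fingerprint (SHA-256): " + colon_hex(_STALE),
}

if __name__ == "__main__":
    print("nodes missing the certificate:",
          nodes_missing_cert(SAMPLE_PEM, SAMPLE_LISTINGS))
```

A node reported here still trusts only an older certificate, or none, so SAML assertions signed with the current ADFS certificate will fail validation on that node until the import is repeated there.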