You can configure an Informatica domain to allow users to use SAML-based single sign-on (SSO) to log into the Administrator tool, the Analyst tool, and the Monitoring tool web applications.
Security Assertion Markup Language (SAML) is an XML-based data format for exchanging authentication and authorization information between a service provider and an identity provider. In an Informatica domain, the Informatica web application is the service provider. Microsoft Active Directory Federation Services (AD FS) 2.0 is the identity provider, which authenticates web application users with your organization's Active Directory identity store.
To enable the Informatica domain to use SAML-based single sign-on, you must create an LDAP security domain for Informatica web application user accounts, and then import the users into the domain from Active Directory. You can use the Administrator tool to set up the connection to the Active Directory server, and then import users into the security domain.
When a user logs into an Informatica web application, the application sends a SAML authentication request to AD FS. AD FS authenticates the user's credentials against the user account information in Active Directory, and then returns a SAML assertion token containing security-related information about the user to the web application.
You configure AD FS to issue SAML tokens used to authenticate Informatica web application users. You must also export the Identity Provider Assertion Signing Certificate from AD FS, and then import the certificate into the Informatica default truststore file on each gateway node in the domain.