SAML Authentication Setup
Configure Active Directory Federation Services (AD FS), the Informatica domain, and the gateway nodes within the domain to use SAML authentication.
To configure SAML authentication for supported Informatica web applications, perform the following tasks:
- Create an LDAP security domain for Informatica web application user accounts, and then import the users into the domain from Active Directory.
- Export the Identity Provider Assertion Signing Certificate from AD FS.
- Import the Identity Provider Assertion Signing certificate into a truststore file on each gateway node in the domain. You can import the certificate into the Informatica default truststore file, or into a custom truststore file.
- Add Informatica as a relying party trust in AD FS and map LDAP attributes to the corresponding types used in security tokens issued by AD FS.
- Add the URL for each Informatica web application to AD FS.
- Enable SAML authentication in the Informatica domain.
- Enable SAML authentication on every gateway node in the domain.