Before You Enable SAML Authentication
Ensure the Windows network and Informatica domain gateway nodes are configured to use SAML authentication.
To ensure that the Informatica domain can use SAML authentication, validate the following requirements:
- Verify that the required services are deployed and configured on the Windows network.
- SAML authentication requires the following services:
- Microsoft Active Directory
- Microsoft Active Directory Federation Services 2.0
- Ensure the Informatica web application services use secure HTTPS connections.
- By default, AD FS requires that web application URLs use the HTTPS protocol.
- Ensure that the system clocks on the AD FS host and all gateway nodes in the domain are synchronized.
The lifetime of SAML tokens issued by AD FS is set according to the AD FS host system clock. Ensure that the system clocks on the AD FS host and all gateway nodes in the domain are synchronized.
To avoid authentication issues, the lifetime of a SAML token issued by AD FS is valid if the start time or end time set in the token is within 120 seconds of a gateway node's system time by default.