Preparation
Consider the following before starting the SSO configuration tasks:
Item | Description |
---|---|
Site administration privilege | You should have the ALM site administration privilege to access the SSO Configuration Tool. |
IdP | An identity provider (IdP) is available to register ALM as its service provider (SP). |
Certificate |
You have already obtained a certificate (or a keystore file to store the certificate) that is used for ALM to sign SAML2 and OAuth tokens. The keystore file is uploaded during the SSO configuration process. |
HTTPs | The HTTPs communication between the IdP and the ALM server (the proxy or load balancer, if any) is enabled and works. |
Certificates |
Prepare the following certificates:
|
System time |
If ALM is deployed in a cluster environment, make sure the system time on all ALM nodes and on IdP servers is synchronized as closely as possible. The systems on these servers can be configured to use a network time synchronization protocol such as the Network Time Protocol (NTP). If the time on any ALM node is different from the time on the IdP server, the authentication fails. |
Node running in load balancer | If ALM is deployed in a cluster environment, make sure only one node is running in the load balancer. |
FAQ
Next steps: