Creating Authentication RealmsTo create an authentication realm:
Navigate to Administration > Security.
Select the Authentication (Users) tab.
On the side panel click the '+' button (Create Authentication Realm)
Enter a unique name, an optional description, and other basic parameters:
Allowed Login Attempts Number of attempts allowed. A value of 0 means unlimited attempts. Authorization Realm Requires that the authorization realm was previously created. Type
Select from the following types:
- Internal Storage
- Single Sign On
- PKI Certificate
Depending on the Type you select, additional parameters may be available as follows:
For Internal Storage authentication realms, only basic parameters are available.
For LDAP authentication realms, see Creating LDAP Authentication Realms.
For PKI Certificate authentication realms, see Creating PKI Certificate Authentication Realms.
For Single Sign On authentication realms, used with SBM, the following additional parameters are available:
User Header Name: The header name for an authorization token that is used by the SSO provider. For example,
Logout Url: (Optional) When this parameter is specified, Deployment Automation redirects the logout request to the provided URL to inform the SSO provider that the session should be terminated.
For details on configuring SSO, see Single Sign-On (SSO) Configuration.
Note: You cannot use SSO and PKI Certificate authentication realms in the same implementation; they are incompatible. If you want to use Smart Cards with SSO, you should configure this in SBM. See the SBM documentation for details.