Create authentication realms

This topic provides instructions for adding a new authentication realm in Deployment Automation.

To add an authentication realm:

  1. Navigate to Administration > Security.

  2. Select the Authentication (Users) tab.

  3. In the side panel, click the Create Authentication Realm button .

  4. In the dialog box that opens, enter a unique name, an optional description, and other basic parameters:

    Parameter Description
    Allowed login attempts Number of allowed attempts. A value of 0 means unlimited attempts.
    Authorization realm Requires that the authorization realm was previously created.
    For details, see Authorization realms and groups.
    Type

    Select from the following types:

    • Internal Storage
    • LDAP
    • Single Sign-On
    • PKI Certificate
  5. Click Save.

Depending on the selected Type, additional parameters may be available:

  • For Internal Storage authentication realms, only basic parameters are available.

  • For LDAP authentication realms, see Create LDAP authentication realms.

  • For PKI Certificate authentication realms, see Create PKI Certificate authentication realms.

  • For Single Sign-On authentication realms used with SBM, the following additional parameters are available:

    Parameter Description
    User Header Name The header name for an authorization token that is used by the SSO provider, for example, ALFSSOAuthNToken.
    Logout Url (Optional) When this parameter is specified, Deployment Automation redirects the logout request to the provided URL to inform the SSO provider that the session should be terminated.

    For details on configuring SSO, see Single Sign-On (SSO) configuration.

Note: SSO and PKI Certificate authentication realms are incompatible You cannot use them both in the same implementation. To use Smart Cards with SSO, you have to configure it in SBM. See the SBM documentation for details.

Back to top

See also: