IBM Cloud Docs
Configuring SAML authentication in IdP

Configuring SAML authentication in IdP

Admin user can manage SAML configurations from Netezza UI. IdP Metadata URL and EntityId are required to setup SAML on Netezza UI. Update ACS url and SLO endpoint on IdP. Select the Signed Authentication checkbox only if it is already enabled in the IdP application portal.

The following SAML configuration steps are generic. Users can follow similar steps on respective IdP.
It is mandatory to configure SessionNotOnOrAfter.

How to get IdP Metadata URL and EntityId

  1. Login to the IdP Portal.
  2. Navigate to your SAML application.
  3. In the application details, you can find IdP Metadata URL and EntityId.

Configure IdP details

  1. Login to Netezza UI as a user who is part of the administrative group.
  2. Select Settings topic from the left pane.
  3. Enable SAML configuration.
  4. Add IdP Metadata URL and EntityId from step 3.

Configure ACS url and SLO endpoint on IdP

  1. Login to Netezza UI as a user who is part of the administrative group.

  2. Select Settings topic from the left pane.

  3. Copy the ACS url and SLO endpoint from the IdP configuration page.

  4. Login to the IdP Portal.

  5. Navigate to your SAML application.

  6. Edit the application configuration and add the ACS url and SLO endpoint from step 3.

Configuring Signed Authentication on IdP

  1. Login to the IdP Portal.

  2. Navigate to your SAML application.

  3. Select respective checkbox to enable signed authentication.

  4. Click Download Certificate button in the Netezza UI under IdP configuration -> SAML.

    An user with admin privileges can only download the authentication certificate.

  5. Upload this certificate to IdP portal for signed authentication configuration.