Step 2: Configure the Enterprise IdP
You can configure parameters in the enterprise IdP to determine what information will be sent to Huawei Cloud. Huawei Cloud authenticates the federated identity and assigns permissions based on the received information.
If the SSO type is IAM user, the enterprise IdP must have the IAM_SAML_Attributes_xUserId assertion configured.
Common Parameters in an Enterprise IdP
Parameter |
Description |
Scenario |
---|---|---|
IAM_SAML_Attributes_xUserId |
ID of an enterprise IdP user (federated user) |
This parameter is mandatory when the SSO type is IAM user. Each federated user is mapped to an IAM user. The IAM_SAML_Attributes_xUserId of the federated user is the same as the external identity ID of the corresponding IAM user. |
IAM_SAML_Attributes_redirect_url |
Target URL which the federated user will be redirected to |
During SSO login, the federated user will be redirected to a page on Huawei Cloud , for example, the Cloud Eye homepage in the EU-Dublin region. |
IAM_SAML_Attributes_domain_id |
Account ID of Huawei Cloud to be federated with the enterprise IdP |
This parameter is mandatory in the enterprise IdP-initiated federation. |
IAM_SAML_Attributes_idp_id |
Name of the IdP entity created on Huawei Cloud |
This parameter is mandatory in the enterprise IdP-initiated federation. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.