Cloud Alliance Attributes

You can establish identity federation with an enterprise IdP as a service provider (SP), or establish SAML-based identity federation with an SP (only Huawei Cloud is supported currently) as an enterprise IdP. This section describes how to configure identity federation as an enterprise IdP.

Navigating to Cloud Alliance Attribute

Log in to the IAM console.
On the management console, hover the mouse pointer over the username in the upper right corner, and choose Security Settings from the drop-down list.
Click Cloud Alliance Attributes.

Exchanging Metadata Files

To exchange metadata files with the SP (only Huawei Cloud is supported currently), do as follows:

Download the metadata file of your cloud platform. Visit https://Domain name of the authui service on the cloud platform/idp/metadata.xml?unsigned=true, right-click on the page, choose Save As, and set a file name, for example, idp-metadata.xml.
Upload the metadata file of your cloud platform to the SP. For details, see the SP's guide.
Download the metadata file of the SP. For details, see the SP's guide.
Contact technical support to upload the metadata file of the SP to your cloud platform.

Supported Cloud Alliance Attributes

The following table lists the attributes that you can configure as an enterprise IdP.

**Table 1** Supported cloud alliance attributes
Attribute Name	Mandatory	Value
IAM_SAML_Attributes_identityProviders	Yes	iam::SP account ID:identityProvider:SP IdP name. Use semicolons (;) to separate multiple values.

Login Verification

Federated Login Initiated by the Enterprise IdP

Log in at https://Domain name of the authui service on the cloud platform/idp/sso/SAML2/Unsolicited?type=user&entityId=https://Domain name of the authui service on the SP/&service=Specified SP address