Authentication Integration
Configuring authentication integration requires Parameters and Mappings. If the integration mode is Plug-in autocompletion, the Basic Settings and Account Settings are required.
Configuring Parameters
- Log in to the administrator portal.
- On the top navigation bar, choose Resources > Applications.
- Click an application to go to the information page.
- On the General Information page, click
next to Authentication to access the authentication integration page, select an appropriate integration mode, and then click Save. - On the General Information page, click Configure next to Authentication to access the Parameters page, set parameters and then click Save. Configure the parameters based on authorization integration modes.
- For details about the configuration of the SAML, see Authentication Integration.
- For details about the configuration of the OAuth2, see Authentication Integration.
- For details about the configuration of the OpenID Connect, see Authentication Integration.
- For details about the configuration of the CAS, see Authentication Integration.
- For details about the configuration of plug-in autocompletion, see Authentication Integration.
Mappings
Mapping configuration (add, edit, and delete) refers to attributes that need to be returned to the application after authentication to establish the mapping between OneAccess and the application attribute.
- Add a mapping
The SAML protocol is used as an example to describe how to add mappings.
Click the Mappings and Add Mapping to enter details, and then click Save.
Table 1 Mapping parameters Parameter
Description
* Application Attribute
User attribute of an enterprise application, which OneAccess will return to the application after authentication.
* Mapping Type
Different mapping types determine the attribute values returned by the API after authentication.
- User attribute: Return the user attribute to the downstream enterprise application.
- Account attribute: Return the account attribute to the downstream enterprise application.
- Account permission: Return the account permission to the downstream enterprise application. If a downstream application requires permission information of OneAccess users, you can return them by this method.
- Social attribute: Return the social attribute value to the downstream enterprise application.
- Fixed attribute value: A fixed value can be configured.
- Dynamic script: You can use a script to customize the attribute values returned to the downstream enterprise applications. For details, see Developing Mapping Scripts.
- Session: The session parameters are returned to the downstream enterprise application.
- Application: Add the mapping authorized to the application.
* User Attribute
Attribute mapped from OneAccess to the application. The options of the attribute vary based on the mapping type.
* Friendly Name
Enter the same value as the Application Attribute. This parameter is available when the authentication protocol is SAML.
* Attr Name Format
Format of data returned in accordance with the SAML protocol.
- Modify a mapping
Click Modify in the Operation column of the added mapping. On the Modify Mapping page, modify the mapping and then click Save.
- Delete a mapping
Click Delete in the Operation column of the added mapping and click OK to delete the mapping. To add again, see Add a mapping.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
