Updated on 2024-02-21 GMT+08:00

Overview

SAML 2.0

SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about an end user between an IdP and an SP. It is an open standard ratified by the Organization for the Advancement of Structured Information Standards (OASIS) and is used by many IdPs. For more information about this standard, see SAML 2.0 Technical Overview. HUAWEI CLOUD implements federated identity authentication in compliance with SAML 2.0. To successfully federate existing users to HUAWEI CLOUD, ensure that your enterprise IdP is compatible with this protocol.

IAM Identity Center supports identity federation with Security Assertion Markup Language (SAML). IAM Identity Center adds SAML IdP capabilities to either your IAM Identity Center identity store or external identity provider (IdP) applications. Users can then use single sign-on to access services that support SAML, including the Huawei Cloud console and third-party applications. The SAML protocol, however, does not provide a way to query the IdP to learn about users and groups, so you must make IAM Identity Center aware of those users and groups by provisioning them into IAM Identity Center.

SCIM

IAM Identity Center supports the System for Cross-domain Identity Management (SCIM) v2.0 standard. SCIM keeps your IAM Identity Center identities in sync with identities from your IdP. This includes any provisioning, updates, and deprovisioning of users between your IdP and IAM Identity Center. For details about how to implement SCIM, see Enabling or Disabling SCIM Automatic Provisioning.
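
The following added example (not Huawei Cloud code) sketches the sync described above: it compares an IdP directory with the provisioned copy and plans the SCIM 2.0 requests for provisioning, updates, and deprovisioning. The directory records, user ids, and the choice to deprovision by setting `active` to false instead of sending DELETE are assumptions; the schema URNs and relative paths follow RFC 7643 and RFC 7644.

```python
"""Plan the SCIM 2.0 requests that sync a service provider with an IdP directory."""
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
# SCIM attribute path -> key in our (constructed) directory records
TRACKED = {"name.givenName": "givenName", "name.familyName": "familyName"}


def patch(user_id, changes):
    """Build a PATCH /Users/{id} request from a {path: value} mapping."""
    ops = [{"op": "replace", "path": p, "value": v} for p, v in changes.items()]
    return ("PATCH", f"/Users/{user_id}", {"schemas": [PATCH_SCHEMA], "Operations": ops})


def plan_sync(idp_users, provisioned):
    """Return (method, path, body) tuples that bring `provisioned` in line with `idp_users`."""
    plan = []
    for user_name, src in sorted(idp_users.items()):
        dst = provisioned.get(user_name)
        if dst is None:  # provisioning: user exists only in the IdP
            plan.append(("POST", "/Users", {
                "schemas": [USER_SCHEMA], "userName": user_name, "active": True,
                "name": {"givenName": src["givenName"], "familyName": src["familyName"]},
            }))
            continue
        changes = {p: src[k] for p, k in TRACKED.items() if src[k] != dst.get(k)}
        if not dst["active"]:  # user is back in the IdP: re-enable the account
            changes["active"] = True
        if changes:  # update: attributes drifted from the IdP's values
            plan.append(patch(dst["id"], changes))
    for user_name, dst in sorted(provisioned.items()):
        # deprovisioning: removed from the IdP but still able to sign in
        if user_name not in idp_users and dst["active"]:
            plan.append(patch(dst["id"], {"active": False}))
    return plan


# Constructed sample data (not from any real tenant).
IDP = {
    "alice": {"givenName": "Alice", "familyName": "Ng"},
    "bob": {"givenName": "Robert", "familyName": "Lee"},
}
PROVISIONED = {
    "bob": {"id": "u-2", "active": True, "givenName": "Bob", "familyName": "Lee"},
    "carol": {"id": "u-3", "active": True, "givenName": "Carol", "familyName": "Diaz"},
}

if __name__ == "__main__":
    import json
    for method, path, body in plan_sync(IDP, PROVISIONED):
        print(method, path, json.dumps(body))
```

An account that remains active after its owner has left the IdP is the case to watch for; the last loop is what closes it.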