Secure Login Access
If you are performing an Incorta version upgrade, please refer to the corresponding upgrade guide. Instructions for SSO upgrade configurations can vary based on your current Incorta version and the target upgrade version.
You can secure login access by configuring:
- SSO (details on this page).
- Auth0 (Incorta provides support for Auth0 SDKs).
- Incorta self-sync.
SSO enables users to log in to different applications with only one username and one password through the organization's SSO portal. Incorta supports SAML2-based logins for SSO, including:
- Use OneLogin SSO
- Use IBM CIS SSO
- Use Okta SSO
- Use Azure AD as SAML2 SSO
- Use Microsoft ADFS SSO
- Use Auth0 SSO
- Mobile SSO
- Others (Contact Incorta Support)
Configure SSO using CMC
Incorta enables you to configure your SSO provider using the CMC. Apply the following steps to configure the SSO:
- Open the CMC and login.
- Select Clusters > cluster-name > Tenants > tenant-name.
- Select Configure.
- Select panel, choose Security.
- Configure the following properties to start using your SSO:
Property | Description |
---|---|
Authentication Type | Select the authentication type that you will use for the chosen tenant. In this case, it will be SSO. |
Provider Type | Select the SSO provider you are going to use. Current available values: ● SAML2 ● Okta ● Auth0 ● Custom |
Provider name | This property is only available when you choose Custom as a provider type. Enter the SSO provider name that you are using. |
Provider configurations | Enter the properties or XML configurations for the SSO provider you have selected. You can get these configurations from the configurations file for each SSO. |
You must apply the upcoming steps whether you are configuring your SSO for the first time or upgrading your Incorta cluster.
- From the Clusters tab, select cluster-name > Cluster Configurations > Default Tenant Configurations.
- From the left pane, select Email.
- Configure the Server URL Protocol, Server Name, and Server Port.
If you are configuring the SSO for the first time, you must restart Incorta services.
If you are just updating the settings for the SSO you are already using, you do not need to restart Incorta services.
Enable SSO for a Tenant
From the Tenant Management Tool (TMT), enter the following command: ./tmt.sh -clnm <CLUSTER_NAME> --update-property <tenantname> sso-login-enable true