Creating a Federated User

Before creating a new federated user, it is recommended that you view the properties of the signed certificates attached to the Federated Identity Provider. Note the values, such as the "Issued to" value, that must be configured in the Create Federated User dialog. For information on viewing certificate properties, see Edit a Certificate.
To create a new federated user in the Federated Identity Provider (FIP):
  1. On the Policy Manager interface, select the [Identity Providers] tab. One or more Federated Identity Providers should be visible.
    Note: If no FIP is listed, then you must create one before you can add a federated user.
  2. Right-click the appropriate FIP and then select Create User. The Create Federated User dialog appears. 
  3. Configure the dialog as follows:
    • X509 Subject DN: Enter the DN value that incoming certificate-based credentials must match in order to be authorized as this federated user. For example: CN=user A.
    • Login: Optionally, enter a value into the Login field to allow this user to be authorized based on incoming SAML tokens with the “windowsDomain” NameIdentifier format.
    • Email: Optionally, enter a value into the Email field to allow this user to be authorized based on incoming SAML tokens with the “emailAddress” NameIdentifier format.
    • User Name: Optionally, replace the user name that was derived from the Subject DN and placed in the User Name field with a name unique to the federated user. The User Name is displayed on the Search Identity Provider dialog when searching and/or adding federated users to a policy. The User Name is a human-readable value that does not impact the usage or validity of the federated user in an identity bridging configuration.
    • Define Additional Properties: Select this check box if you want to enter additional information about the user. All additional information is optional.
  4. Click [Create].
    • If you are not defining additional properties, the dialog closes and the user is added to the Federated Identity Provider.
    • If you are defining additional properties, the Properties dialog for the user is displayed. For more detailed information about this dialog, see Federated User Properties.  
  5. Click [OK] to close the dialog. The user is added to the Federated Identity Provider.