| sidebar | permalink | keywords | summary |
|---|---|---|---|
sidebar |
task_security_mfa_setup.html |
netapp, ontap, mfa, multifactor authentication, multi-factor, saml, security |
<<Add a short description here>> |
Security Assertion Markup Language (SAML) authentication allows users to log in to an application by using a secure identity provider (IdP).
In System Manager, in addition to standard ONTAP authentication, SAML-based authentication is provided as an option for multifactor authentication.
Security Assertion Markup Language (SAML) is an XML-based framework for authentication and authorization between two entities: a service provider and an identity provider.
To enable SAML authentication, perform the following steps:
-
Click Cluster > Settings.
-
Next to SAML Authentication, click
. -
Ensure there is a check in the Enable SAML Authentication checkbox.
-
Enter the URL of the IdP URI (including "https://").
-
Modify the host system address, if needed.
-
Ensure the correct certificate is being used:
-
If your system was mapped with only one certificate with type "server", then that certificate is considered the default and it isn’t displayed.
-
If your system was mapped with multiple certificates as type "server", then one of the certificates is displayed. To select a different certificate, click Change.
-
-
Click Save. A confirmation window displays the metadata information, which has been automatically copied to your clipboard.
-
Go to the IdP system you specified and copy the metadata from your clipboard to update the system metadata.
-
Return to the confirmation window (in System Manager) and check the checkbox I have configured the IdP with the host URI or metadata.
-
Click Logout to enable SAML-based authentication. The IdP system will display an authentication screen.
-
In the IdP system, enter your SAML-based credentials. After your credentials are verified, you will be directed to the System Manager home page.
