About External Identity Provider Authentication

The External Identity Provider option enables you to designate an external entity that will perform user authentication for SBM. This option configures SBM to accept authenticated user credentials from an External Identity Provider such as Tivoli, SiteMinder, or Oracle Identity Manager. Additionally, you can choose to manage user sessions with or without SSO. For example, SSO enables users to log in to SBM components like SBM Application Repository automatically upon successful log in to SBM Application Engine.

Important: In this scenario, SBM Web service calls are authenticated against the Windows domain instead of the external identity provider. This means if you have orchestrations or Web service calls that need to authenticate internal user accounts (that are not part of the Windows domain), you must update the calls to use Windows domain user accounts or add the accounts to your Windows domain.

SSO also enables you to configure authentication settings for an external identity provider that uses SAML2.

Related Topics

Configuring External Identity Provider Authentication