Creating Authentication Realms

To create an authentication realm:

Navigate to Administration > Security.
Select the Authentication (Users) tab.
On the side panel click the '+' button (Create Authentication Realm)

Enter a unique name, an optional description, and other basic parameters:

Allowed Login Attempts	Number of attempts allowed. A value of 0 means unlimited attempts.
Authorization Realm	Requires that the authorization realm was previously created.
Type	Select from the following types: Internal Storage LDAP Single Sign On PKI Certificate

Depending on the Type you select, additional parameters may be available as follows:

For Internal Storage authentication realms, only basic parameters are available.
For LDAP authentication realms, see Creating LDAP Authentication Realms.
For PKI Certificate authentication realms, see Creating PKI Certificate Authentication Realms.
For Single Sign On authentication realms, used with SBM, the following additional parameters are available:
- User Header Name: The header name for an authorization token that is used by the SSO provider. For example, ALFSSOAuthNToken.
- Logout Url: (Optional) When this parameter is specified, Deployment Automation redirects the logout request to the provided URL to inform the SSO provider that the session should be terminated.
  
  For details on configuring SSO, see Single Sign-On (SSO) Configuration.

Important: You cannot use SSO and PKI Certificate authentication realms in the same implementation; they are incompatible. If you want to use Smart Cards with SSO, you should configure this in SBM. See the SBM documentation for details.

Creating Authentication Realms

Related Topics