What you need to know about the SAML integration

Edit online

IBM Spectrum LSF Application Center uses SAML 2.0 to authenticate users.

  • The SAML 2.0 profile that is used is the Web Browser SSO Profile.
  • The SAML 2.0 bindings that are used are: HTTP Redirect Binding and HTTP POST Binding.
  • Single sign-on can be initiated by the identity provider or the service provider.
  • IBM Spectrum LSF Application Center processes assertions received from the identity provider and retrieves the User ID of the user from the <Subject> element in the assertion using the <NameID> element:
    • The format of <NameID> is expected to be: email.
    • The value in the <NameID> element is expected to be: user_ID or user_ID@company.com, where user_ID is the user account used to log in to IBM Spectrum LSF Application Center.
      Important: If you are integrating IBM Spectrum LSF Application Center to use SAML with IBM® Tivoli® Federated Identity Manager for example, ensure user accounts in IBM Tivoli Federated Identity Manager are the same accounts users use to log in to IBM Spectrum LSF Application Center.
  • Single sign-on with SAML cannot be enabled in combination with other types of authentication such as CA SiteMinder or X.509.