What you need to know about the SAML integration
IBM Spectrum LSF Application Center uses SAML 2.0 to authenticate users.
- The SAML 2.0 profile that is used is the Web Browser SSO Profile.
- The SAML 2.0 bindings that are used are: HTTP Redirect Binding and HTTP POST Binding.
- Single sign-on can be initiated by the identity provider or the service provider.
- IBM Spectrum LSF Application Center processes assertions received from the identity provider and retrieves the User ID of the user
from the <Subject> element in the assertion using the <NameID> element:
- The format of <NameID> is expected to be: email.
- The value in the <NameID> element is expected to be:
user_ID is the user account used to log in to IBM Spectrum LSF Application Center.Important: If you are integrating IBM Spectrum LSF Application Center to use SAML with IBM® Tivoli® Federated Identity Manager for example, ensure user accounts in IBM Tivoli Federated Identity Manager are the same accounts users use to log in to IBM Spectrum LSF Application Center.
- Single sign-on with SAML cannot be enabled in combination with other types of authentication such as CA SiteMinder or X.509.