Setting up SSO authentication with managed identity providers

You can integrate managed identity providers and enable Single-Sign-On (SSO) for both new and existing tenants. After you complete the setup, you can log in with your credentials through the managed identity provider's authentication system. The setup is a manual process that requires configuration updates to both the managed identity provider and IBM® Storage Defender® to enable interaction via SAML.

To help your Site Reliability Engineer (SRE) configure a managed identity provider for your IBM Storage Defender environment, you must gather the following details:
  • Name - The display name for the managed identity provider server. You can choose any name, up to 64 characters.
  • Realm - The email domain of your managed identity provider server. The realm must be unique across all IBM tenants and accounts. You can use any string, but it must not exceed 1024 characters.
  • metadata.xml file - This file is provided by your managed identity provider server. It contains the information that IBM needs to establish secure communication with the managed identity provider.
    https://[IDP_HOST]/FederationMetadata/2007-06/FederationMetadata.xml
Note: This information provides preparation guidance for configuring a managed identity provider. The configuration must be completed by IBM support or your assigned SRE.