Configuring AD FS 3.0 - Cloud

Talend Cloud Single Sign-On (SSO) Configuration Guide

Version: Cloud
Language: English
Product: Talend Cloud
Module: Talend Management Console
Content: Administration and Monitoring > Managing users
Last publication date: 2024-03-05

Procedure

  1. In the Server Manager, click Tools > AD FS Management.
  2. Right-click Trust Relationships > Relying Party Trusts, and select Add Relying Party Trust....
  3. Click Start.
  4. Select Enter data about the relying party manually, then click Next.
  5. Enter a display name and click Next.
  6. Select AD FS profile and click Next.
  7. Click Next.
  8. On the Configure URL page, select the Enable support for the SAML 2.0 WebSSO protocol checkbox.
  9. Enter the single sign-on service URL in the Relying party SAML 2.0 SSO Service URL field.
    For example, https://localhost:8080/org.talend.administrator/ssologin or https://iam.us.cloud.talend.com/oidc/ssologin.
  10. On the Configure Identifiers page, enter the same service URL as in step 9, then click Add and Next.
    When setting up SSO for multiple accounts (multiple tenants) on Talend Management Console, use their account IDs to define the unique entity ID of each account. For example, the entity ID for the AWS US region becomes https://iam.us.cloud.talend.com/oidc/ssologin/<your_account_ID>. Remember to perform the SSO setup individually for each tenant using their respective account IDs. This federates these tenants into a single SSO authentication system.
    Note: The account federation described here applies only to SSO authentication. Talend Management Console objects, such as environments and workspaces, remain specific to each tenant and cannot be shared across tenants.

    You can find the account ID on the Subscription page of your Talend Management Console.

  11. Choose whether to configure multi-factor authentication settings.
  12. Leave the Permit all users to access this relying party option selected and click Next.

    You may change the issuance authorization rules later.

  13. Click Next, then Close.

    Leave the Open the Edit Claim Rules dialog for this relying party trust when the wizard closes checkbox selected.
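
When several tenants each need their own relying party trust (step 10), the wizard steps can be scripted with the AD FS PowerShell module. The following is an added example, not part of the Talend documentation: the account IDs and display names are placeholders, and it assumes that the wizard's SSO Service URL maps to a SAML Assertion Consumer endpoint with POST binding and that each tenant's endpoint uses the same URL as its entity ID.

```powershell
# Added example: one relying party trust per Talend tenant, mirroring steps 2-13.
# Run in an elevated session on the primary AD FS server.
Import-Module ADFS

# Placeholders (constructed): use the account IDs shown on each tenant's Subscription page.
$AccountIds = @('<account_ID_1>', '<account_ID_2>')
$BaseUrl    = 'https://iam.us.cloud.talend.com/oidc/ssologin'   # AWS US region URL from step 10

# Rule text equivalent to "Permit all users to access this relying party" (step 12).
$PermitAll = '=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

foreach ($id in $AccountIds) {
    # Entity ID is unique per tenant: <service URL>/<account ID>.
    $entityId = "$BaseUrl/$id"

    # SAML assertions must only be posted to a TLS endpoint.
    if (([Uri]$entityId).Scheme -ne 'https') {
        throw "Refusing non-HTTPS service URL: $entityId"
    }

    # An identifier can belong to only one trust; skip tenants already configured.
    if (Get-AdfsRelyingPartyTrust -Identifier $entityId) {
        Write-Warning "Trust for $entityId already exists, skipping."
        continue
    }

    # Assumption: the wizard's SSO Service URL is an assertion consumer endpoint, POST binding.
    $endpoint = New-AdfsSamlEndpoint -Binding 'POST' -Protocol 'SAMLAssertionConsumer' -Uri $entityId

    Add-AdfsRelyingPartyTrust -Name "Talend Cloud $id" `
        -Identifier $entityId `
        -SamlEndpoint $endpoint `
        -IssuanceAuthorizationRules $PermitAll `
        -Enabled $true
}

# Review what was created: identifiers, endpoint locations and who is authorized.
Get-AdfsRelyingPartyTrust |
    Where-Object { $_.Identifier -like "$BaseUrl*" } |
    Select-Object Name, Identifier, Enabled,
        @{ Name = 'Endpoints'; Expression = { $_.SamlEndpoints.Location } },
        IssuanceAuthorizationRules
```

Trusts created this way have no claim rules yet; those are still configured in the Edit Claim Rules dialog that the wizard opens in step 13.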