Skip to main content

Tutorial: Manage the SAML Authentication Method from the Command-line Interface

Abstract

Use this tutorial to manage SAML as an Access Server authentication method from the command-line interface.

Overview

Use this tutorial to find the commands necessary to manage the SAML authentication method for Access Server.

In SAML authentication mode, users authenticate with an SSO provider. We provide tutorials for some, but not all, providers:

You can also define all of the configuration parameters in the Admin Web UI under “Authentication” and “SAML” via the command line.

Prerequisites

  • Root privileges on your Access Server's console.

  • A SAML IdP.

Commands to configure SAML

  • Set authentication mode to SAML:

    ./sacli --key "auth.module.type" --value "saml" ConfigPut
./sacli start

  • Define the IdP entity ID:

    ./sacli --key "auth.saml.0.idp_entityid" --value <IDP ENTITY ID> ConfigPut
./sacli start

  • Define the IdP sign-on endpoint:

    ./sacli --key "auth.saml.0.idp_signon_endpoint" --value <IDP SIGNON ENDPOINT> ConfigPut
./sacli start

  • Define the SAML service provider hostname (optional, if you want to set a separate hostname for SAML from the hostname used by your Admin and Client Web UIs):

    ./sacli --key "auth.saml.0.sp_hostname" --value <HOSTNAME> ConfigPut
./sacli start
In this section:
See also: