Skip to main content

Tutorial: Manage the SAML Authentication Method from the Command-Line Interface

Overview

Use this tutorial to find the necessary commands to manage SAML authentication for Access Server.

In SAML authentication mode, users authenticate with an SSO provider. We provide tutorials for some, but not all, providers:

You can also define all of the configuration parameters in the Admin Web UI under Authentication and SAML via the command line.

Prerequisites

  • Root privileges on your Access Server's console.

  • A SAML IdP.

Commands to configure SAML

  • Set authentication mode to SAML:

    sacli --key "auth.module.type" --value "saml" ConfigPut
sacli start

  • Define the IdP entity ID:

    sacli --key "auth.saml.0.idp_entityid" --value <IDP ENTITY ID> ConfigPut
sacli start

  • Define the IdP sign-on endpoint:

    sacli --key "auth.saml.0.idp_signon_endpoint" --value <IDP SIGNON ENDPOINT> ConfigPut
sacli start

  • Define the SAML service provider hostname (optional, if you want to set a separate hostname for SAML from the hostname used by your Admin and Client Web UIs):

    sacli --key "auth.saml.0.sp_hostname" --value <HOSTNAME> ConfigPut
sacli start
In this section: