Configuring identity providers with SAML

An account administrator or PowerUser must onboard users by setting up identity federation with CDP.

If your organization uses an enterprise identity provider (IdP) that is compliant with Security Assertion Markup Language (SAML), you must set up identity federation with CDP. Identity federation allows users within your organization to log in to CDP through the authentication system in your organization without registering with Cloudera or creating a Cloudera account.

The following diagram illustrates how identity federation works with CDP:

CDP supports the following:

  • CDP supports the SAML 2.0 standard. You can set up any identity provider for CDP that uses SAML 2.0.

Setting up an identity provider for CDP involves the following steps:

  1. The IdP administrator in your organization generates the SAML metadata that describes your enterprise IdP.
  2. The CDP administrator sets up the identity provider in CDP.
  3. The IdP administrator configures the enterprise IdP in your organization to work with CDP as a service provider.