Configuring identity providers in CDP

An account administrator or PowerUser can onboard users by setting up identity federation with CDP.

If your organization uses an enterprise identity provider (IdP) that is compliant with Security Assertion Markup Language (SAML), you can set up identity federation with CDP. Identity federation allows users within your organization to log in to CDP through the authentication system in your organization without registering with Cloudera or creating a Cloudera account.

The following diagram illustrates how identity federation works with CDP:

CDP supports the following:

• CDP supports the SAML 2.0 standard. You can set up any identity provider for CDP that uses SAML 2.0.
• You can set up a maximum of 10 SAML 2.0-compliant identity providers in CDP.

Setting up an identity provider for CDP involves the following steps:

1. The IdP administrator in your organization generates the SAML metadata that describes your enterprise IdP.
2. The CDP administrator sets up the identity provider in CDP.
3. The IdP administrator configures the enterprise IdP in your organization to work with CDP as a service provider.