Setting up the identity provider in CDP
In CDP, you must create an identity provider to capture the SAML metadata and connection information for your enterprise IdP. To create an identity provider in CDP, you must be a CDP account administrator or have the PowerUser role.
CDP adds the new identity provider to the list of CDP identity providers on the Identity Providers page.
After you create the identity provider in CDP, you can view its properties to get the information you need to configure your enterprise IdP to work with CDP.
On the Identity Providers page, click the name of the new CDP identity provider to see its properties:
Property | Description |
---|---|
Name | Name of the CDP identity provider. |
ID | ID generated for the CDP identity provider. |
Sync Groups on Login | Indicates whether CDP synchronizes a user's group membership in CDP with the user's group membership in your enterprise IdP when a user logs in. For more information about user group synchronization, see Group Membership Synchronization. |
CRN | The Cloudera resource name assigned to the CDP identity provider. |
SAML Identity Provider Metadata | The identity provider SAML metadata for your enterprise IdP that you provided when you created the CDP identity provider. |
Generate workload username by email | You can optionally check this if you use an opaque ID for SAML NameID and SCIM userName so that the workload username is generated based on the email instead of the default. For more information, see Generating workload usernames based on email. |
Enable SCIM | You can optionally check this to enable SCIM for Azure AD. For more information, see Configure SCIM with Azure AD. |
CDP SAML Service Provider Metadata | The CDP SAML service provider metadata to configure your enterprise IdP. |