This section provides information about getting started with Rackspace Identity Federation.
Before proceeding, verify that you have the necessary resources to complete setting up Rackspace Identity Federation. Review the following list of prerequisites:
- You have administrator access to your Identity Provider such as Okta®.
- You have administrator access to your Rackspace Customer Portal.
- You have any necessary permissions at your company.
Summary of steps#
The following are the basic steps for using Rackspace Federation:
- Add Rackspace to your Identity Provider. Use the instructions listed for your company's Identity Provider:
- Add an Identity Provider at Rackspace by using one of the following methods:
- Configure the Attribute Mapping Policy and upload that file to complete the Identity Provider creation.
- Log in and test your configuration.
Review the following sections for more information:
Before you set up Rackspace Identity Federation, make sure you understand some basic terminology. The following table provides descriptions for some of the terms that are associated with Rackspace Identity Federation:
|Identity provider||An identity provider is a third-party identity system that integrates with Rackspace.|
|SAML||SAML (Security Assertion Markup Language) is the protocol used to communicate between an identity provider and Rackspace.|
|Attribute mapping||During the login process, the identity provider and Rackspace exchange SAML messages containing attributes about the user who is authenticating. An attribute mapping policy interprets these SAML attributes (also called assertions) to set Rackspace roles and permissions during login.|
|Provisioned user||A provisioned user is a user created directly in the Rackspace Customer Portal. Provisioned users use the username and credentials that are created with Rackspace.|
|Federated user||A federated user is a user who logs in to Rackspace by using Identity Federation. Federated users use the credentials provided and managed by their own identity system.|