Getting started
This section provides information about getting started with Rackspace Identity Federation.
Prerequisites
Before proceeding, verify that you have the necessary resources to complete setting up Rackspace Identity Federation. Review the following list of prerequisites:
- You have administrator access to your Identity Provider such as Okta®.
- You have administrator access to your Rackspace Customer Portal.
- You have any necessary permissions at your company.
- Must read through Appendix: Attribute Mapping Policy Reference
Summary of steps
The following are the basic steps for using Rackspace Federation:
-
Add Rackspace to your Identity Provider. Use the instructions listed for your company’s Identity Provider:
-
Add an Identity Provider at Rackspace by using one of the following methods:
- Add an Identity Provider in the Control Panel.
- Add an Identity Provider in the MyRack Portal.
- Add an Identity Provider by using the API by providing basic information about the Identity Provider.
-
Configure Attribute Mappingand upload that file to complete the Identity Provider creation.
-
Log in and test your configuration.
Review the following sections for more information:
- Add Rackspace Federation to your identity provider
- Add an Identity Provider
- Configure the Attribute Mapping Policy
- Log in
Concepts
Before you set up Rackspace Identity Federation, make sure you understand some basic terminology. The following table provides descriptions for some of the terms that are associated with Rackspace Identity Federation:
Term | Description |
---|---|
Identity provider | An identity provider is a third-party identity system that integrates with Rackspace. |
SAML | SAML (Security Assertion Markup Language) is the protocol used to communicate between an identity provider and Rackspace. |
Attribute mapping | During the login process, the identity provider and Rackspace exchange SAML messages containing attributes about the user who is authenticating. An attribute mapping policy interprets these SAML attributes (also called assertions) to set Rackspace roles and permissions during login. |
Provisioned user | A provisioned user is a user created directly in the Rackspace Customer Portal. Provisioned users use the username and credentials that are created with Rackspace. |
Federated user | A federated user is a user who logs in to Rackspace by using Identity Federation. Federated users use the credentials provided and managed by their own identity system. |
Updated about 1 year ago