Set up IAM authentication

Use the IAM Authentication page to configure the connection between a customer’s IdP and the Calabrio ONE IAM service. The IAM Authentication page is only available for Cloud deployments of Calabrio ONE.

IMPORTANT   This page is only available for customers that are enabled for Calabrio ONE IAM.

Page location

Application Management > Global > System Administration > IAM Authentication

Procedure

Configure IAM settings

  1. Enter the required information in the available fields. See Field descriptions for more information.
  2. Click Save.

Field descriptions

Field Description

Enable Authentication

At least one of the two check boxes must be selected.

Enable IAM Authentication (Direct Login) — Enables authentication through the Calabrio ONE IAM Service.
Enable IAM External Authentication Entity (Company Login) — Enables authentication using an external IdP.

Entity ID

The entity ID information from the customer’s configured IdP.

EXAMPLE   http://www.okta.com/mxkgk2l57kJrrPAeo0h7TEST

IDP X.509 Certificate Import, export, or view an SP X.509 certificate. Acceptable file formats are CER, CRT, and CERT.
Authorization Requests Signed Select if SAML requests need to be signed.
Name ID Format

The default is as follows.

urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

Single Sign On Service Endpoint (HTTP-POST/HTTP-Redirect)

The value provided for a Single Sign On Service Endpoint (HTTP-Redirect). Include http or https in the url.

EXAMPLE   https://dev-111111.oktapreview.com/app/dev-111111_exampletest20220608_1/mpkznqqbkzvTHE3Nc0h7/sso/saml

SAML Binding

Select if SAML bonding is required to post or redirect.

NOTE   Check if your identity provider requires post or redirect. Azure AD, AD FS, and Ping Federate IdPS require post.

Related topics

Configure SAML authentication — Learn how to configure your organization’s IdP for Calabrio ONE before using the IAM Authentication page to connect your organization’s IdP and Calabrio ONE‘s IAM service.