As a CSP administrator, you can configure single sign-on so that CA CloudMinder acts as an OAuth authorization server for an OAuth client.
You perform configuration steps for each tenant where SSO for an OAuth client is required. You perform these steps only once per tenant.
You also perform configuration steps for each individual OAuth client that will use CA CloudMinder as an OAuth authorization server. You perform these steps for each OAuth client that is associated with the tenant.
For example, the tenant Forward, Inc. wants to use CA CloudMinder as an OAuth authorization server for to two web application and a mobile application. Each of these applications use OAuth for authentication communication; they are called OAuth clients. As a CSP administrator, you configure CloudMinder as an OAuth authorization server for the Forward, Inc. tenant environment. Then you configure single sign-on using OAuth for the two web applications and the mobile application. Because each application has specific callback and authentication URLs, you configure each one separately.
The following figure illustrates the required configuration tasks.
The following procedures describe each task in detail.
Do the following for each tenant where SSO for an OAuth client is required. Perform these steps only once per tenant. Begin here if you have not configured the OAuth authorization server for this tenant yet.
Do the following for each OAuth client you want to use the OAuth authorization server. Perform these steps for every OAuth client. Begin here if you have already configured the OAuth authorization server for this tenant, and you want to configure individual OAuth clients to use it.
|
Copyright © 2014 CA.
All rights reserved.
|
|