Skip to main content Skip to complementary content

Configuring Assertions

Procedure

  1. On the SP Connection | Browser SSO | Assertion Creation page, navigate to the Identity Mapping tab.
  2. Select Standard identity mapping and click Next.
  3. On the Attribute Contract tab, select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress as the subject name format from the SAML_Subject drop-down list.
  4. Define the attributes for role mapping, then click Next.
    Example of the defined SAML_SUBJECT contract and the required attributes for role mapping.

    In this example, only required attributes are defined: email, family_name, given_name, TalendCloudDomainName. They all have the attribute name format urn:oasis:names:tc:SAML:2.0:attrname-format-basic. If needs be, you can also add attributes such as middle_name.

    The CustomerRoles attribute is required when you need to set up SCIM provisioning to synchronize users, groups, and roles between your SSO provider and Talend Cloud. For a step-by-step demonstration about how to set up SCIM provisioning, see Managing and synchronizing user identities across your third-party system and Talend Cloud.

  5. On the Authentication Source Mapping tab, click Map New Adapter Instance.
    Map the new adapter instances as described below.
    The TMCCLOUD adapter instance is mapped.
  6. After the mapping is configured, click Next.
  7. Verify the information on the Summary tab, then click Done.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!