Single Sign On into your Main IDM Tenant

At this point, we now have the following configured:

  1. Your Main IDM Tenant has established trust with your IDP IDM Tenant by importing the Identity Provider Metadata.
  2. Your Main IDM Tenant has added your IDP IDM Tenant as a 3rd Party IdP.
  3. Your IDP IDM Tenant has a SaaS Application that can create a SAML assertion and attempt to Single Sign On users after importing the Service Provider Metadata.

For this exercise we will use a local user account named aduser in your IDP IDM Tenant.  This account does not belong to any directory or domain.  The goal is to open the SSO application we just created and have that local user Single Sign On into the Main IDM Tenant console as the corp.local aduser account that we imported into the Main IDM Tenant at the beginning of this lab.  The two accounts are linked only by the username the IDP IDM Tenant sends in its SAML assertion, so the Main IDM Tenant is trusting the IDP IDM Tenant to vouch for who aduser is.

The local aduser account in your IDP IDM Tenant has already been created for you, so let's review how to sign in and test that our configuration works.

1. Launch an Incognito Session in Chrome

  1. In your Chrome browser, click the Chrome menu (three dots) button.
  2. Click New Incognito Window.

We use an Incognito Session so that existing sessions or cookies do not affect the Single Sign On test.  Without it, a session already cached in your browser could make it look as though SSO worked when you were never actually redirected through the IDP IDM Tenant.  Alternatively, you could sign out of both of your VMware Identity Manager consoles.

2. Navigate to your IDP IDM Tenant

  1. Enter the URL for your IDP IDM Tenant.  Remember, this should match https://{tenantName}!

3. Login to your IDP IDM Tenant as aduser

  1. Enter "aduser" for the Username.
  2. Enter "VMware1!" for the Password.
  3. Click Sign In.

4. Launch the Single Sign On Application

  1. Click Catalog.
  2. Click Open for the SSO application.

5. Confirm the Single Sign On

  1. Notice that we were not prompted for any additional authentication and are now signed into your Main IDM Tenant.
  2. Click the User Dropdown.
  3. Click Settings.

6. Confirm the Signed-In User Profile

  1. Click Account.
  2. Confirm that the signed in user shows as the aduser@corp.local account.  If you were prompted to log in again, or a different account is shown, the assertion from the IDP IDM Tenant did not match the imported corp.local aduser account; recheck the metadata exchange between the two tenants and the username the IDP IDM Tenant sends.
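The "not prompted for any additional authentication" result only tells you that the Main IDM Tenant accepted something.  To see what it accepted, capture the SAML Response in the browser (a SAML tracer extension will show it on the redirect to the Main IDM Tenant) and check the fields that the trust from steps 1 to 3 actually rests on.  The script below is an added example, not part of the lab or of VMware Identity Manager: the entity IDs, URLs and the SAML Response it parses are constructed placeholders, and it assumes the user is carried in the assertion's NameID.  It does not verify the XML signature; that is the Service Provider's job, using the certificate from the imported Identity Provider Metadata, and none of these fields can be trusted until it has been done.

```python
"""Inspect a captured SAML Response from the IDP IDM Tenant (constructed example)."""
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Assumed values standing in for what the Main IDM Tenant (the SP) learned from the
# metadata exchange.  Replace them with the entityIDs from your own tenants' metadata.
TRUSTED_IDP_ENTITY_ID = "https://idp-tenant.example.com/SAAS/API/1.0/GET/metadata/idp.xml"
SP_ENTITY_ID = "https://main-tenant.example.com/SAAS/API/1.0/GET/metadata/sp.xml"
EXPECTED_NAMEID = "aduser@corp.local"

# Constructed sample: a minimal, unsigned SAML Response as a tracer might display it.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
    IssueInstant="2024-01-01T12:00:00Z"
    Destination="https://main-tenant.example.com/SAAS/auth/saml/response">
  <saml:Issuer>https://idp-tenant.example.com/SAAS/API/1.0/GET/metadata/idp.xml</saml:Issuer>
  <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
    <saml:Issuer>https://idp-tenant.example.com/SAAS/API/1.0/GET/metadata/idp.xml</saml:Issuer>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">aduser@corp.local</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-01T12:05:00Z"
            Recipient="https://main-tenant.example.com/SAAS/auth/saml/response"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2024-01-01T11:59:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
      <saml:AudienceRestriction>
        <saml:Audience>https://main-tenant.example.com/SAAS/API/1.0/GET/metadata/sp.xml</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""


def parse_time(value):
    """Parse the UTC timestamps SAML uses (e.g. 2024-01-01T12:00:00Z)."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def check_response(xml_text, now, trusted_idp=TRUSTED_IDP_ENTITY_ID,
                   sp_entity_id=SP_ENTITY_ID, expected_nameid=EXPECTED_NAMEID):
    """Return the asserted NameID plus a set of named pass/fail checks.

    Signature verification is deliberately absent: the SP must do it with the
    certificate from the imported IdP metadata before trusting any of this.
    """
    root = ET.fromstring(xml_text)
    status = root.find("samlp:Status/samlp:StatusCode", NS).get("Value")
    assertion = root.find("saml:Assertion", NS)
    issuer = assertion.findtext("saml:Issuer", namespaces=NS)
    name_id = assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)
    conditions = assertion.find("saml:Conditions", NS)
    audiences = [a.text for a in conditions.findall("saml:AudienceRestriction/saml:Audience", NS)]
    not_before = parse_time(conditions.get("NotBefore"))
    not_on_or_after = parse_time(conditions.get("NotOnOrAfter"))
    return {
        "name_id": name_id,
        # The IdP reported success rather than an authentication failure.
        "status_success": status == "urn:oasis:names:tc:SAML:2.0:status:Success",
        # The assertion was issued by the tenant whose metadata we imported, not some other IdP.
        "issuer_is_trusted_idp": issuer == trusted_idp,
        # The assertion was minted for this SP, so it cannot be replayed from another service.
        "audience_is_this_sp": sp_entity_id in audiences,
        # The assertion is inside its validity window at the time it was received.
        "within_validity": not_before <= now < not_on_or_after,
        # The username the IdP vouches for is the directory account we expect to land on.
        "maps_to_expected_user": name_id == expected_nameid,
    }


if __name__ == "__main__":
    result = check_response(SAMPLE_RESPONSE, now=parse_time("2024-01-01T12:01:00Z"))
    for name, value in result.items():
        print(f"{name}: {value}")
```

Run it against the Response you captured instead of SAMPLE_RESPONSE and pass the real entity IDs from your two tenants' metadata.  A failing issuer or audience check is the usual reason the Main IDM Tenant prompts for a password again instead of signing the user in; a NameID that is not aduser@corp.local explains landing in the wrong account.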
