Enabling SAML authentication
Set your authentication method to SAML with the REGISTER EXTERNAL AUTHENTICATION SYSTEM SQL statement.
SAML external authentication system supports two-factor authentication. User needs to be configured with MFA (Multi-factor authentication) on IdP(Identity Provider); for example, Ping Identity.
Setting SAML authentication with the Netezza UI
-
Log in to the Netezza UI as a user who is part of an administrative group.
-
Go to
Settingstab. -
Click on
SAMLto enableSAMLauthentication. -
Create a user (or users) with the external authentication method set to
SAML, as described in Creating users. -
Verify whether the user is created successfully.
- Go to Users and groups > Users.
- Locate the user.
- Check the Authentication type section for the user.
Setting SAML authentication with the command-line
-
Connect to NPSaaS as a user who is part of an administrative group. See, Connecting to NPSaaS.
In the example, the 'nzsql' command is used. You can also use the ODBC or JDBC drivers.
nzsql -host <nps_host_ip> -u user -pw XXXXXExample Input Description nps_host_ip Specifies the IP address of your instance.
To retrieveNPS HOST IP:- Log in to your IBM Cloud account.
- Go to Private endpoints > Service instance details.
- Select your instance.
Your instance IP address appears on the page now.
user Specifies the username. password Specifies the password. Example:
nzsql -host X.XX.XXX.XXX -u admin -pw password Welcome to nzsql, the IBM Netezza SQL interactive terminal. Type: \h for help with SQL commands \? for help on internal slash commands \g or terminate with semicolon to execute query \q to quit SYSTEM.ADMIN(ADMIN)=> -
As an admin, register
SAMLexternal authentication system only once.REGISTER EXTERNAL AUTHENTICATION SYSTEM 'SAML';This action has to be performed only once.
-
Create a user (or users) with the external authentication method set to
SAML.CREATE USER <USER> AUTH EXTERNAL 'SAML';Example:
CREATE USER SAMLUSER AUTH EXTERNAL 'SAML';