Using PingFederate Service on Windows

You can configure the connector to authenticate your connection through IAM authentication using the credentials stored in the PingFederate service.

To configure IAM authentication using PingFederate service:

1. To access the IAM authentication options, open the ODBC Data Source Administrator where you created the DSN, select the DSN, and then click Configure.
2. From the Auth Type drop-down list, select Identity Provider: PingFederate.
3. In the User field, type the user name associated with your Ping account.
4. In the Password field, type the password associated with your Ping user name.
5. If the ID and region of the Redshift server cluster are not already provided through the Server field, then do the following:
1. In the Cluster ID field, type the ID for the Redshift server cluster.
2. In the Region field, type the region for the Redshift server cluster.
6. In the DbUser field, type the ID that you want to designate to the Redshift user.
7. If the ID you entered in the DbUser field does not already exist in your Redshift account, you must create it:
1. Select the User AutoCreate check box.
2. In the DbGroups field, type the names of any user groups that you want the new DbUser to be added to, separated by commas.
3. Optionally, to lowercase all DbGroups that are received from the identity provider, select the Force Lowercase check box.
8. Optionally, in the Endpoint URL field, type the endpoint used to communicate with the Redshift cluster.
9. Optionally, in the STS Endpoint URL field, type the endpoint used to communicate with the AWS Security Token Service (AWS STS).
10. Optionally, in the AuthProfile field, type the authentication profile you want to use to manage the connection settings, then do the following:
    1. In the AccessKeyID field, type your Redshift access key ID.
    2. In the SecretAccessKey field, type your Redshift secret key.
11. In the IdP Host field, type the address of the service host.
12. In the IdP Port field, type the port number the service listens at.
13. To skip verification of the SSL certificate of the IDP server, select the SSL Insecure check box.
14. In the Preferred Role field, type the name or ID for the IAM role you want the user to assume when logged in to Redshift.
15. Optionally, in the Partner SPID field, type a partner SPID (service provider ID) value.
16. To save your settings and close the dialog box, click OK.

Related topics

• Security and Authentication
• Authentication Driver Configuration Options on page 1
• Configuring Authentication
• Creating a Data Source Name