Using a Browser Plugin for a SAML Service

You can configure the connector to use a browser plugin to authenticate your connection through a SAML service such as Okta, Ping, or AD FS.

To configure IAM authentication using a browser plugin:

1. Set the AuthenticationType property to BrowserSAML.
2. To specify your credentials for accessing the Azure AD server, do the following:
   1. Set the UID property to the user name that you use to access the Azure AD server.
   2. Set the PWD property to the password corresponding to the user name that you provided in the previous step.
3. Optionally, set the Preferred_Role property to the Amazon Resource Name (ARN) of the role that you want to assume when authenticated through Azure AD.
4. Optionally, set the Duration property to the duration, in seconds, of the role session.
5. Set the Login_URL property to the URL for the resource on the identity provider's website.
6. Optionally, set the Listen_Port property to the number of the port that the connector uses to receive the SAML response from the identity provider.
7. Optionally, set the timeout property to the maximum amount of time, in seconds, that the connector is to wait for the redirect URI to fetch the authorization code during Browser Azure AD authentication.

Related topics

• Security and Authentication
• Authentication Driver Configuration Options
• Configuring Authentication