Using the Browser Plugin for a SAML Service

You can configure the connector to use a browser plugin to authenticate your connection through a SAML service such as Okta, Ping, or AD FS.

To configure IAM authentication using a browser plugin:

  1. To access authentication options, open the ODBC Data Source Administrator where you created the DSN, then select the DSN, then click Configure, and then click Authentication Options.
  2. From the Authentication Type drop-down list, select BrowserSAML.
  3. In the User field, type the user name that you use to access the Azure AD server.
  4. In the Password field, type the password corresponding to the user name that you provided in the previous step.
  5. To encrypt your credentials, click Password Options and then select one of the following:
    • If the credentials are used only by the current Windows user, select Current User Only.
    • Or, if the credentials are used by all users on the current Windows machine, select All Users Of This Machine.
  6. Optionally, in the Preferred Role field, type the Amazon Resource Name (ARN) of the role that you want to assume when authenticated through Azure AD.
  7. Optionally, in the Session Duration field, type the duration, in seconds, of the role session.
  8. In the Login URL field, type the URL for the resource on the identity provider's website.
  9. Optionally, in the Listen Port field, type the number of the port that the connector uses to receive the SAML response from the identity provider.
  10. Optionally, in the Timeout (sec) field, type the amount of time, in seconds, that the connector waits for the SAML response from the identity provider.
  11. To save your settings and close the Authentication Options dialog box, click OK.

Related topics