Alibaba Cloud Configuration
Alibaba Cloud User SSO
Log in to the ArkID platform, go to 【Application management】 -> 【Application List】, click the 【Add to】 button, and create an application named Alibaba Cloud User SSO. Leave the URL field empty.
Log in to the Alibaba Cloud platform, open the access control page from the avatar drop-down menu, select User SSO in the SSO management column, copy the 【SAML Service provider metadata data URL】, and download the file.
In ArkID, click the 【Configuration protocol】 button on the right to open the protocol configuration window, select the protocol type <b>Gathering_Aliyunram</b>, and fill in the related data in turn:
+ sp metadata: the file is the data file downloaded in the previous step
+ See the Alibaba Cloud [documentation](https://help.aliyun.com/document_detail/144277.html)
After confirming, click the 【Configuration protocol】 button again, copy the IdP entity ID, and download the IdP metadata file for later use.
Return to the Alibaba Cloud platform page, click Edit User SSO, and upload the IdP metadata file you just downloaded.
Click confirm and return to the ArkID unified authentication platform desktop. Now click the Alibaba Cloud User SSO application card; after a few redirects you enter the Alibaba Cloud platform.
- About the domain name: Alibaba Cloud lets the SSO domain name be set to the auxiliary domain name, the domain name, or the default domain name. This example uses the auxiliary domain name; for the other domain names, refer to the Alibaba Cloud configuration.
- For User SSO, the user must be added to Alibaba Cloud in advance, with a user name consistent with the one on the ArkID platform. For example, the ArkID user admin corresponds to the Alibaba Cloud platform user admin@arkid.
Alibaba Cloud Role SSO
- Download the [Alibaba Cloud SP metadata file](https://signin.aliyun.com/saml-role/sp-metadata.xml)
Log in to the ArkID platform, go to 【Application management】 -> 【Application List】, click the 【Add to】 button, and create an application named Alibaba Cloud Role SSO. Leave the URL field empty.
After the application is added, click the 【Configuration protocol】 button on the right to open the protocol configuration window, select the protocol type Gathering_He'll fight, and fill in the related data in turn:
+ sp metadata: the file is the data file downloaded during the preparation step
+ Role: there is no corresponding data at present, so it can be left empty; the author uses "arkid" as a placeholder here
Click confirm once the configuration is complete, then click 【Configuration protocol】 again in the list to open the protocol configuration pop-up, copy the IdP entity ID, and download the IdP metadata file for later use.
Log in to the Alibaba Cloud platform, open the 【Access control】 page from the avatar menu in the upper right corner, and on the 【SSO management】 page select SAML protocol -> Role SSO -> Create identity provider. Upload the metadata file downloaded in the previous step here. After creation, click the identity provider you just created and find the identity provider ARN on its details page for later use.
When configuring the role, select SAML as the identity provider type, choose the identity provider created earlier as the identity provider, and click to complete.
After the role is created, it must be authorized; I won't go into details here.