CA Technologies and Nebula single sign-on configuration

The following instructions assist the Identity Provider administrator with the setup of single sign-on (SSO) for Nebula with CA Technologies. Nebula only supports SAML 2.0 authentication protocol. 

Get started

• The email address used for the Nebula account must match the email address used for CA Technologies.
• Log in to Nebula and go to Configure > Single Sign-on.
• Log in to your CA Administrator account and go to the Apps page.

Add a new application in CA

1. Click Add App.
   
2. Click Create a SAML SSO app.
   
3. Name the app > click Continue.

Upload Nebula XML file to CA SSO

1. On the Nebula Single Sign-On page, left-click the Service Provider Metadata link to save the metadata.xml file.
2. On the CA Service Provider configuration page, select Upload SP Metadata > click Choose File and upload the metadata.xml file.
   
3. Click Continue.

CA attribute mapping

1. Configure the NameID attribute:
   • Name: NameID
   • Type: User Attribute
   • Value: Primary Email
2. Click Add Attribute.
   
3. In the next line, configure the email attribute:
   • Name: email
   • Type: User Attribute
   • Value: Primary Email
4. Click Continue.
5. Click Finish on the next page.

Upload CA SSO XML file into Nebula

1. Select Download IDP Metadata and click Download to save the CA metadata.xml file.
   
2. Click Continue.
3. In the Single Sign-On page of Nebula, have a Nebula Super Admin drag the .xml file or Choose a Different File to upload the Identity Provider (iDP) Metadata.

Enable SSO

1. Once the metadata is uploaded, toggle on Enable SSO.
   • Toggle on Just-In-Time (JIT) Provisioning to automatically create Nebula users if they don't already exist when authenticating through CA Technologies.
   • Toggle on Service Provider Initiated SSO if you will be accessing Nebula through a tile or button in CA Technologies.
2. Now the application can be assigned to your Nebula administrators in CA Technologies.