The following instructions assist the Identity Provider administrator with the setup of single sign-on (SSO) for Nebula with CA Technologies. Nebula only supports SAML 2.0 authentication protocol.
Get started
- The email address used for the Nebula account must match the email address used for CA.
- Log in to Nebula and go to Configure > Single Sign-on.
- Log in to your CA Administrator account and go to the Apps page.
- Ensure your environment meets the minimum operating system and external access requirements.
Add a new application in CA
- Click Add App.
- Click Create a SAML SSO app.
- Name the app > click Continue.
Upload CA SSO XML file into Nebula
- Select Download IDP Metadata and click Download to save the CA metadata.xml file.
- Click Continue.
- Single Sign-On page, have a Nebula Super Admin drag the .xml file or Choose a Different File to upload the Identity Provider (iDP) Metadata.
- Once the .xml file is uploaded, you can set Enable Single Sign-On (SSO) to ON.
Upload Nebula XML file to CA SSO
- On the Nebula Single Sign-On page, left-click the Service Provider Metadata link to save the metadata.xml file.
- On the CA Service Provider configuration page, select Upload SP Metadata > click Choose File and upload the metadata.xml file.
- Click Continue.
CA attribute mapping
- For attribute NameID, set Type to User Attribute > set Value to Primary Email > click Add Attribute.
- Type email in the second Name field > set Type to User Attribute > set Value to Primary Email.
- Click Continue.
- Click Finish on the next page.
- Now the application can be assigned to your Nebula administrators in CA.