By linking with an identity provider, when a user logs in to the Hitachi Ops Center Portal, you can authenticate the user on the identity provider side. If the identity provider successfully authenticates the user, the user is imported as a local user of Common Services.
Common Services supports linking with AD FS (Active Directory Federation Services) or linking with an identity provider registered in Keycloak, which is incorporated in Common Services. The settings required for linking with an identity provider depend on the identity provider type. For details, see Configuring a link to an AD FS identity provider or Configuring a link to a non-AD FS identity provider.
- You can link to either AD FS or a non-AD FS identity provider, but not both.
- You cannot link one Active Directory server to both a directory service and AD FS.
-
Identity provider user accounts must have a unique username and email address. If an identity provider user account conflicts with a local user ID or email address, the identity provider user cannot log in. You must remove the local user from the Hitachi Ops Center Portal or change the email address before proceeding.