Set up SAML authentication
Switch an authenticated environment Control Room database to a SAML identity provider (IDP).
Prerequisites
Ensure that you are logged in to the Control Room as the administrator.
Introducing credentials on a new system, before importing users, and other setup tasks might be required before setting up authentication for the Control Room. If users are imported, there must be matching user IDs, email addresses, first and last names, in both the Automation Anywhere credentials and matching records in order to log in after the SAML integration. For example, if using Okta as an SSO,users must have matching IDs, email addresses, first name and last names in both Automation Anywhere and Okta in order to log in after the SAML integration.
Have the necessary user information and certificate ready. Typical user information consists of userID, first and last name, and an email address.
After switching to SAML authentication environments, any users with non-SAML IDP formatted IDs will not be able to login. You will need ensure that any bots in their private folders are exported so they can be imported back against their new user accounts.
Much of this configuration is reliant upon third-party applications to create the necessary metadata. If you require more specific configuration information based on a specific provider, see the associated knowledge base articles provided. For more details, see Automation 360 steps to configure SSO authentication With Okta as ID provider (A-People login required).
To switch the Control Room to a SAML-authenticated environment, follow the steps outlined in this procedure.