Single Sign-On
Single sign-on (SSO) is an authentication process that allows a user to access multiple applications with a single set of log in credentials. GigaVUE‑FM provides the following Single sign-on options, which are discussed in this topic:
First, check out this video from Gigamon Basics as a primer: Understanding how to configure user access to GigaVUE-FM using Single Sign-On and SAML helps you meet your security, compliance, and password management requirements. This video provides a primer on SSO, discusses SAML flows, and then shows you how to configure Single Sign-On via GigaVUE-FM.
Enabling Single Sign-On into GigaVUE-FM (SAML) [12:42]
Find more Gigamon Basics videos on Gigamon TV!
GigaVUE‑FM uses Shibboleth SAML 2.0 identity provider (open source IdP ) as an internal IdP for authentication and authorization. Shibboleth reads the data from GigaVUE‑FM’s local database and performs the authentication based on the authentication mechanism selected in the Authentication Type settings. GigaVUE‑FM is independent of the authentication mechanism (as Shibboleth takes care of authentication and authorization).
Notes:
- GigaVUE‑FM starts with internal IdP, by default.
- When you access GigaVUE‑FM, you will be navigated to the IdP's URL. You must then log in with your user name and password.
- If you cannot access GigaVUE‑FM (due to server issues or any other issues), you can use the special access provided (https://<fm ip address/dns name>/admin). This access is applicable only for local users with super admin privileges.
- You must restart GigaVUE‑FM every time you configure IdP.
The following external IdPs are qualified to be operational with GigaVUE‑FM:
- ADFS
- OKTA
- Microsoft Azure