Come for answers. Stay for best practices. All we’re missing is you.
Is there a cook book example on how to configure Navigator so that it uses Azure AD for single sign on? via SAML/Oauth/OIDC.
We have been struggling to get this working and fingers always get pointed back at IBM when trying to troubleshoot with our internal teams.
We do not have any documentation outside of the standard SAML documentation where Tivoli as the example IDP.
https://www.ibm.com/support/pages/configuring-ibm-content-navigator-using-security-assertion-markup-language-saml-single-sign-websphere-application-server
We also have this for Oauth/OIDC:
https://www.ibm.com/docs/en/content-navigator/3.0.x?topic=ps-configuring-content-navigator-websphere-application-server-instance-oauthoidc
Hi Chuck,
the ICN part is easy once SAML SSO Authentication is working with the Web Application Server. If you're using WAS, to take out complexity, you may deploy WAS DefaultApplication and use the Snoop servlet to validate using WAS.
This write-up https://help.hcltechsw.com/connections/v55/admin/secure/t_sec_config_saml_for_tfim.html lists the steps to that idea.