Step 3: Configure an External Identity ID

For the IAM user SSO type, you must configure an external identity ID for the IAM user which the federated user maps to on the cloud platform. The external identity ID must be the same as the IAM_SAML_Attributes_xUserId value of the enterprise IdP user (federated user). You can create an IAM user and configure an external identity ID for it, or change the external identity ID of an existing IAM user.

Creating an IAM User and Configuring an External Identity ID

  1. Log in to the IAM console as an administrator.
  2. On the IAM console, choose Users from the navigation pane, and click Create User in the upper right corner.
  3. In the User Details area, configure an external identity ID. For details about other settings, see Creating a User.

    Figure 1 Configuring an external identity ID

Changing the External Identity ID of an Existing IAM User

In the IAM user list, click a username or choose More > Security Settings in the row containing the user and change the external identity ID.

Figure 2 Changing the external identity ID of an existing IAM user
Parent topic: IAM User SSO via SAML