Often administrators are asked to configure logins of an IDP solution with Cloud Protection Manager CPM. This document will discuss the required configuration steps needed to allow IDP users to easily access CPM GUI and be able to see and configure/edit polices created by the CPM Root/Admin account. You will be creating delegate users to the root account for IDP users with their own IDP credentials. This procedure makes use of the "default _root_delegates" Group in CPM and we will detail steps required to add a corresponding group to the IDP side.
IDP applications allow for easier application access and security policy implementation through the use of groups. So the first step in this process of integrating the login for an IDP or SSO application is to add a group to IDP that will logically group users who need access to CPM in this example as the root account.
Name Name Format Value
cpm_user_permissions Basic User.cpm_custom_attribute
Name Name Format Filter
cpm_default_root_delegates Unspecified Starts with: cpm_