After creating a SAML profile in NSX Advanced Load Balancer and a SAML catalog item in Workspace One Access, enable SAML and grant superuser rights to SAML users.
You can configure granular role-based access control by adding application parameters into the Workspace One Access catalog item and then mapping those parameters to different roles in NSX Advanced Load Balancer. For more information, see Authorization: Tenant and Role Mapping Examples.
To enable SAML and map user roles, follow the steps below.
Log in to the NSX Advanced Load Balancer Controller with admin credentials.
Navigate to Edit.
and clickUnder Authentication, select Remote.
Select the Enable Local User Login option. If this option is not selected, and there is a configuration issue, you will not be able to log back into the Controller.
-
Select the Auth Profile created with SAML as the Type and select the required Mapping Profile.
Click Save.
SAML authentication is now configured on the NSX Advanced Load Balancer Controller.