Looking for a way for Active Directory users to access ASM (On-Prem and SaaS).
The environment has almost 4000 users, so manual configuration of authentication and authorization to ASM for each user cannot be performed.
Release : 10.1
Component : CA APP SYNTHETIC MONITOR (WATCHMOUSE)
ASM cannot integrate directly to LDAP.
ASM only supports SAML2 for SSO. End users must have an identity provider supporting SAML2.
Once SAML2 compliance is confirmed, provide the information that Broadcom needs:
1) An entity ID
2) SSO URL
3) SLS URL (optional)
4) The public certificate
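A pre-flight check for the four items above, as an added example that is not Broadcom's or ASM's own code: it reads a standard SAML2 IdP metadata export, pulls out the entity ID, SSO URL, optional SLS URL and signing certificate, and flags anything missing or served over plain HTTP. The IdP host idp.example.com, the function name idp_handoff and the sample metadata are constructed for illustration, and the certificate body is placeholder bytes rather than a real certificate.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: hypothetical IdP at idp.example.com; the certificate
# body is placeholder bytes, not a real X.509 certificate.
SAMPLE_CERT = base64.b64encode(b"constructed-not-a-real-certificate").decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.com/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{SAMPLE_CERT}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.com/saml/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def idp_handoff(metadata_xml):
    """Return (items, missing required items, endpoints not using HTTPS)."""
    root = ET.fromstring(metadata_xml)  # expects a single EntityDescriptor root
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor (not IdP metadata)")
    sso = idp.find("md:SingleSignOnService", NS)
    sls = idp.find("md:SingleLogoutService", NS)
    cert = idp.find(".//ds:X509Certificate", NS)
    der = base64.b64decode("".join(cert.text.split())) if cert is not None and cert.text else None
    items = {
        "entity_id": root.get("entityID"),
        "sso_url": sso.get("Location") if sso is not None else None,
        "sls_url": sls.get("Location") if sls is not None else None,  # optional
        # Fingerprint lets both sides confirm the certificate out of band.
        "cert_sha256": hashlib.sha256(der).hexdigest() if der else None,
    }
    missing = [k for k, v in items.items() if v is None and k != "sls_url"]
    # Plain-HTTP endpoints would expose the SAML exchange in transit.
    insecure = [k for k in ("sso_url", "sls_url")
                if items[k] and not items[k].startswith("https://")]
    return items, missing, insecure


if __name__ == "__main__":
    print(idp_handoff(SAMPLE_METADATA))
```

Run it only against metadata exported from your own identity provider; the standard-library XML parser is not hardened against hostile input.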
Once Broadcom has it, we provide:
2) our SLS
3) some configuration details (e.g. what format we support etc.)
All of this is in one XML file (metadata).
The admin configures their service to send the user's email to us in the response, either in the samlNameId object or in attribute 0.9.2342.19200300.100.1.1. The email must be the same as the user's email in ASM.
A very short but clear overview of what SAML is can be found here: