- If you are a new Vantage customer, Teradata enables Single Sign-on (SSO) during provisioning.
- If you are an existing Vantage customer, and don't yet have SSO, submit a change request to have Teradata enable it.
With SSO enabled, complete the self-service configuration steps found in Teradata Vantage™ - Analytics Database Security Administration.
- Provider URL
- Use the link in the email to access the Identity configuration interface.
- Use the link in the email to reset your password.
- Complete the multi-factor authentication (MFA) flow using the passcode sent to your email address.This is the same email address you use to log on to the Vantage Console.
- Select .If you don't see the icon, contact your system security or cloud administrator. Only the Day0 admin with Customer Admin or Cloud Service Owner privileges can access Identity configuration.
- In the Settings section, enter a unique Name for the IdP configuration.
- Enter the Domain of the email client, for example, mycompany.com.
You can add multiple email domains as comma-separated values. For example, if your organization uses the email addresses firstname.lastname@example.org and email@example.com, type mycompany.com, abc.mycompany.in.If you are a new customer using SSO, you have this multiple domain feature. If you are an existing customer using SSO, submit a change request to enable it.
- Use the menu to select the SSO protocol.
Protocol Option Values SAML
Identifier (Entity ID): https://login.customer.teradata.com
Reply URL: https://login.customer.teradata.com/sp/ACS.sam12
OpenID (OIDC) When selecting the OIDC protocol, copy the redirect URL from the Vantage Console Identity page and use it in your cloud service IdP application to complete the IdP configuration with Vantage IdP.
- In the Claims section, enter the following attributes to establish the user mapping.
Field Attribute subject Subject mapped to the SSO protocol user_name Username associated with the Vantage user accountThis username is mapped to the database username. name Display name of the user firstName First name of the user lastName Last name of the user Email of the user
- Select Save.Once SSO is configured, the Identity card is no longer visible to the Day0 user. To make future changes, the Day0 admin must log in using a non-SSO path and change the settings.