CA Single Sign-On Integration Guide Overview
CA Single Sign-On (formally known as CA SiteMinder) is a Web Access Management system that supports advanced authentication, risk-based security policies, and federated identities. This documentation describes how to configure a single sign-on partnership between CA Single Sign-On as the identity provider and the Single Sign-On Service (SSO) for Pivotal Cloud Foundry as the service provider.
SSO supports service provider-initiated authentication flow and single logout. It does not support identity provider-initiated authentication flow. All SSO communication takes place over SSL.
To integrate CA Single Sign-On with Pivotal Cloud Foundry (PCF) you must have the following:
- CA Single Sign-On v12.52 or later
- A certificate signed by a certificate authority
Note: To configure SAML, you must have the Pivotal Single Sign-On service broker installed on your PCF deployment. You need to create a plan, grant any plan administrators, and specify any organizations this plan should be the authentication authority for. For help configuring plans, see the Manage Service Plans topic.
Configuring CA Single Sign-On with SSO
Complete both steps below to integrate your deployment with CA Single Sign-On and SSO.