User name and password credentials must be defined for each local user. Additional
credentials from an external identity provider, such as Integrated Windows Authentication
(IWA), can also be mapped to the local user.
How do I know if I need to map credentials from external identity provider to a local
user?
Smart APIs can rely on user claims, such as name or email, to control access to its
resources. For local users, Smart API Manager provides a basic set of user claims.
External identity providers, such as Integrated Windows Authentication (IWA), might
provide additional user claims. If a Smart API requires additional user claims provided
by an external identity provider, you can map the identity from the external identity
provider to the local user to pick up those claims.
Which credentials should the user enter when logging on to a Smart Client?
It depends on the Smart API that the Smart Client calls. If the Smart API requires
any additional user claims provided by an external identity provider, then the user
authenticates using credentials for the external identity. Otherwise, the user can
enter the local user credentials.
-
On the left panel, click Users .
-
Click the user in the grid to see its details.
-
In the External Identities section, click and click Add external identity.
-
In the Add External Identity dialog box, click Identity Provider and select the identity provider owning the external identity you want to use.
-
Click Name, and enter the information for the identity you want to add to the group.
-
Click NEXT and then FINISH.
For details on how to specify user and group identity for the preconfigured external
identity providers included with Smart API Manager, see Identity providers.