Cloudia’s ADFS integration utilises an authentication server such as Microsoft ADFS that connects to the customer's AD system. The message format used is SAML 2.0.
After a successful login, the ADFS server passes the following information to the Cloudia system:
- The user’s name
- Username
- E-mail address
- The unique identifier of the user’s group (e.g. agency or unit, so that the user can be assigned to the correct part of the organisation in Cloudia’s system)
- The user’s role in Cloudia’s system (not mandatory; it can also be set in Cloudia’s User Management)
Logging in to Cloudia’s systems
Logging in to Cloudia can take place in two different ways, depending on how the integration has been defined:
SP-initiated login
The user opens the browser, goes to https://login.cloudia.net/login/ and selects the correct organisation from the ‘Login with ADFS’ drop-down menu.
NOTE! The organisation may also have set up a referral to this address from its own subdomain (e.g. cloudialogin.example.com).
NOTE! The user will not be created if the unit information presented in the user details cannot be found in the organisation structure.
The user role setup depends on how the AD integration has been defined:
- The user’s account, unit and role details are obtained from AD upon first login. In this case, the user account will be ready immediately after first login.
- Only the user and unit information is obtained from AD. In this case, the administrator may set the roles separately in Cloudia’s User Management.
IdP-initiated login
- The user opens the browser and proceeds to the ADFS login service of his or her own organisation.
- The user selects from the drop-down menu the service to which the user wishes to log in (Cloudia) and logs in.
NOTE! The user will not be created if the unit information presented in the user details cannot be found in the organisation structure.
The user role setup depends on how the AD integration has been defined:
- The user’s account, unit and role details are obtained from AD upon first login. In this case, the user account will be ready immediately after first login.
- Only the user and unit information is obtained from AD. In this case, the administrator may set the roles separately in Cloudia’s User Management.
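The first-login rules stated for both SP-initiated and IdP-initiated login can be summarised as the following sketch. It is an added example, not Cloudia’s own code. The attribute keys, outcome strings and the `Directory` type are hypothetical, and the attributes are assumed to come from a SAML 2.0 assertion whose signature has already been validated.

```python
from dataclasses import dataclass, field

# Hypothetical keys for the mandatory values passed by the ADFS server.
REQUIRED = ("name", "username", "email", "unit_id")

@dataclass
class Directory:
    units: set            # unit identifiers present in the organisation structure
    roles_from_ad: bool   # True: role is read from AD; False: administrator sets it later
    users: dict = field(default_factory=dict)

def handle_login(directory, attrs):
    """Apply the first-login rules to attributes from a validated assertion."""
    missing = [k for k in REQUIRED if not attrs.get(k)]
    if missing:
        return ("rejected: missing " + ",".join(missing), None)
    # Assumption: a user who already exists is simply logged in.
    if attrs["username"] in directory.users:
        return ("logged_in", directory.users[attrs["username"]])
    # The user is not created if the unit is not in the organisation structure.
    if attrs["unit_id"] not in directory.units:
        return ("rejected: unknown unit", None)
    # The role is optional; it is only taken from AD when the integration says so.
    role = attrs.get("role") if directory.roles_from_ad else None
    user = {k: attrs[k] for k in REQUIRED}
    user["role"] = role
    directory.users[attrs["username"]] = user
    return ("created" if role else "created_pending_role", user)

if __name__ == "__main__":
    # Constructed sample data.
    org = Directory(units={"unit-42"}, roles_from_ad=True)
    alice = {"name": "Alice Example", "username": "alice",
             "email": "alice@example.com", "unit_id": "unit-42", "role": "buyer"}
    bob = dict(alice, username="bob", unit_id="unit-99")
    print(handle_login(org, alice)[0])  # first login with a known unit
    print(handle_login(org, alice)[0])  # later login
    print(handle_login(org, bob)[0])    # unit not in the organisation structure
```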
Administrators
Administrators log in to the system with their user name and password at https://login.cloudia.net