Create a federation
As a DoubleCloud user, you can create multiple user federations within each organization.
To create a new federation:
-
Go to the console.
-
In the upper-left corner of the page, click your organization name → Manage organizations.
-
Select Members from the panel on the left, open the Federations tab and click Create.
-
On the Create Federation page:
-
Specify the Name of your federation.
-
Specify the Cookie lifetime in minutes.
DoubleCloud federations support cookie lifetime from
10to720minutes (12 hours). -
Specify the IdP issuer.
-
From the dropdown menu, select the SSO method:
-
POST- send your token from the SSO server using the HTTP POST method. Your token will always be encrypted. We recommend using this method as a more secure solution. -
REDIRECT- send your token from the SSO server using an HTTP redirect . This is a more straightforward method of authentication since it doesn't require a POST request. However, it has some security limitations - your authentication token will be included in the URL, potentially exposing it to server logs.
-
-
Provide a link to the IdP login page.
-
Under Advanced:
-
Select the state of the Automatically create users checkbox:
Enabled
Users will be added to the federation automatically at the first SSO login. They'll also automatically become members of the organization to which their federation belongs.
Disabled
Users need to be invited to the federation individually.
-
Choose the state of the Sign authentication requests checkbox:
Enabled
Enable the SAML request signature verification. We strongly recommend using this option to improve your federation's security.
Disabled
Disable the SAML Request signature verification.
-
Select the state of the Case-insensitive user names checkbox:
Enabled
NewUser@company.com,newuser@company.com, andnewuser@Company.comare the same user.Disabled
NewUser@company.com,newuser@company.com, andnewuser@Company.comare different users.
-
-
-
Click Create Federation.