This section is only meant for DataCamp Enterprise administrators that are setting up SSO with Centrify as their IDP. Only proceed if you have read and understood our SSO documentation.
Centrify Configuration Instructions
Note: All of these steps are to be performed in OneLogin, not DataCamp.
Create an application in Centrify
- Create a new "Custom" application from the admin overview of Centrify.
Rename the application
- A new application is created with the name SAML.
- Locate it and rename it to something that makes sense to you like "DataCamp SSO"
Identity provider configuration
- Go to the "Trust" tab and opt for a manual configuration for Identity Provider Configuration.
- Copy the idP Entity ID / Issuer from Centrify paste it into the Entity ID / Issuer URL field in DataCamp Enterprise.
- Copy the Single Sign On URL from Centrify and paste it into the Login URL / SSO Endpoint field in DataCamp Enterprise.
- Download the Centrify Signing Certificate, open it with a text editor and paste the contents into the idP Certificate field in DataCamp Enterprise.
Service provider configuration
- Go to the Trust tab and opt for a manual configuration for Service Provider Configuration
- Copy the Entity ID / SAML Audience from DataCamp Enterprise and paste it into the SP Entity ID / Issuer / Audience field in Centrify.
- Copy the Assertion Consumer URL from DataCamp Enterprise and paste it into the Assertion Consumer Service (ACS) URL field in Centrify.
- Set NameID Format in Centrify to emailAddress
Account Mapping
- Go to the Account Mapping tab and select Account Mapping Script. Use the mapping script as shown here: LoginUser.Username = LoginUser.Get('mail');
Deploy
Deploy the application by setting permissions to certain users, groups and/or roles.