The configuration for Identity Federation requires work to be done in the following areas:
- The Identity Provider (IdP) environment, by the Administrator of the IdP
- TD Console, by the TD account owner or an administrator
Administrator for the Identity Provider
In the IdP environment, you add Treasure Data to your list of authorized applications. In your IdP, each Treasure Data account is added as a separate application. You assign your users to the Treasure Data applications, as needed.
Treasure Data Account Owner or Administrator
As the Treasure Data Account owner or an administrator, you configure trust settings and assign users to Identity Federation access. You configure the trust setting in each of your Treasure Data accounts. You can configure trust settings using TD Console or TD APIs. For TD API support, contact your Customer Success Representative.
Each of your Treasure Data accounts with Identity Federation enabled is assigned a unique name within Treasure Data. The assigned name is used in your IdP configuration. The ID is not editable.
For details on configuring TD Console for Identity Federation, see Configuring Identity Federation in TD Console.