The Adobe Admin Console allows a system administrator to configure domains which are used for login via Federated ID for Single Sign-On (SSO). Once the ownership of a domain is demonstrated, the domain can be configured to allow users to log in to the Adobe Creative Cloud. Users can log in using email addresses within that domain via an Identity Provider (IdP). The process is provisioned either as a software service which runs within the company network and is accessible from the Internet, or a cloud service hosted by a third party which allows for the verification of user login details via secure communication using the SAML protocol.
One such IdP is Centrify, a cloud-based service which facilitates secure identity management.
Before configuring a domain for single sign-on using Centrify as the IdP, the following requirements must be met.
- Administrative access to both the Adobe Admin Console and the Centrify Portal.
- An approved domain for your Adobe organization account. The status of the domain in the Adobe Admin Console must be Configuration Required.
To Configure Single Sign-On for your domain, perform the below steps:
To enter the required information for your IdP, use the Set Up Domain wizard in the Adobe Admin Console.
- Upload the certificate, and enter the IdP Issuer and IdP Login URL strings.
- Set IdP Binding to Redirect.
- For User Login Setting, choose Username if you are using LDAP, or choose Email address if you are using email.
On the Advanced tab, set the name format to unspecified and add the parameters for first name, last name, and email address: