Ncloud Single Sign-On scenarios
Available in Classic and VPC
The integration features provided by Ncloud Single Sign-On service include NAVER Cloud login and External IdP login. Although you can learn more about how to use it in Getting Started with Ncloud Single Sign-On and Using Ncloud Single Sign-On, we recommend that you first examine the entire scenario of using Ncloud Single Sign-On. Reading the instructions after learning the usage scenario will allow you to use Ncloud Single Sign-On more efficiently.
NAVER Cloud login scenario
The overall procedures and description of each procedure for managing the access permissions of applications within an organization using a NAVER Cloud Platform account are as follows:
1. Set usage permissions
2. Create tenants
3. Register applications
4. Integrate with Ncloud Single Sign-On
5. Set the login button
6. Check the status of personal information provision
1. Set usage permissions
If you need to manage and share Ncloud Single Sign-On with multiple users, you can set permissions for each user. Permissions for each user can be configured as administrator and user permissions through Sub Account of NAVER Cloud Platform, and roles can be defined for each permission. The setting of usage permissions is not mandatory, so you can configure or remove them at any time when there is a need for permissions during the use of Ncloud Single Sign-On.
Sub Account is a free service, provided upon subscription request at no additional charge. For a detailed description of Sub Account and its pricing plans, see the Services > Management & Governance > Sub Account menu in the NAVER Cloud Platform portal.
You can refer to the following user guides:
2. Create tenants
To use Ncloud Single Sign-On, you need to create a tenant to manage the flow of authentication protocols and authentication information. When creating a tenant, you can set whether to allow application login using the main account, set the Authentication URL, or register external IdP information, and set user attribute information. You can refer to the following user guides:
3. Register applications
After creating a tenant, you can configure and register application information and the personal information provision consent page to integrate with Ncloud Single Sign-On. If an application is registered, a client ID and client secret required for integration will be issued. After registering an application, you can use the application information to create an authentication URL. You can refer to the following user guides:
4. Integrate with Ncloud Single Sign-On
You can use the API to set up access to the application with your NAVER Cloud Platform account. You can refer to the following user guides:
5. Set the login button
Design and place the login button required to log in from the integrated application. Guidelines are provided on what to consider when designing the login button according to your own design guide. If you don't have your own design guide, you can also use the login button markup provided by NAVER Cloud Platform. You can refer to the following user guides:
6. Check the status of personal information provision
From the main or sub account you're currently logged in to, you can see the list of applications to which you are providing personal information through the SSO system built with Ncloud Single Sign-On. You can refer to the following user guides:
External IdP login scenario
The overall procedures and explanation of each procedure for managing permissions to access NAVER Cloud Platform accounts with external accounts used within the organization are as follows:
1. Register external IdP information
2. Create SSO Users
3. Set access permissions
4. Set roles
5. Set access ranges
1. Register external IdP information
You can set up access to NAVER Cloud Platform with an external application account by registering the external IdP information to be integrated. Only one external IdP can be registered. You can refer to the following user guides:
2. Create SSO Users
You must prepare an SSO User so that you can do SSO login to NAVER Cloud Platform with an external account. Create an SSO User using the external account information to be integrated. If you need to grant the same permissions to multiple SSO Users, you can organize them into groups. You can refer to the following user guides:
3. Set access permissions
The permission that allows SSO Users to access NAVER Cloud Platform is called Permission Set. You must configure the Permission Set to be assigned to the SSO User to access the allocated resources within NAVER Cloud Platform. The access permissions to be assigned to SSO Users can be selected from the Sub Account service's managed policy or the user-defined policy. You can refer to the following user guides:
4. Set roles
Create roles (assignments) that connect SSO Users and Permission Sets. You can create one Assignment per Permission Set. The assignments you create will appear in the SSO Roles list in the SSO User login page. You can refer to the following user guides:
5. Set access ranges
You can create an IP ACL to group and manage the IP ranges from which access is allowed. By connecting the IP ACL to an assignment, you allow external account users to use that assignment only from the configured IP ranges when they log in to NAVER Cloud Platform.
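The following is an added example, not code from NAVER Cloud Platform or its API: a small Python model of steps 2 to 5 that works out which assignments an SSO User could use from a given source address and flags assignments whose IP restriction is missing or open to any address. The `Assignment` class, its field names, the sample data, and the rule that an assignment with no IP ACL is usable from anywhere are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Assignment:                      # hypothetical model, not the service's API
    name: str
    permission_set: str
    sso_users: set = field(default_factory=set)
    groups: set = field(default_factory=set)
    ip_acl: list = field(default_factory=list)   # CIDR strings; empty = no IP ACL connected

def usable_roles(user, user_groups, source_ip, assignments):
    """Names of the assignments this user could use when logging in from source_ip."""
    ip = ipaddress.ip_address(source_ip)
    roles = []
    for a in assignments:
        if user not in a.sso_users and not (set(user_groups) & a.groups):
            continue                   # not assigned directly or through a group
        # Assumption: an assignment with no IP ACL connected is usable from anywhere.
        if a.ip_acl and not any(ip in ipaddress.ip_network(c) for c in a.ip_acl):
            continue                   # source address is outside the IP ACL
        roles.append(a.name)
    return roles

def audit(assignments):
    """Return (assignment name, finding) pairs that deserve a review."""
    findings, seen = [], {}
    for a in assignments:
        if a.permission_set in seen:   # the page allows one Assignment per Permission Set
            findings.append((a.name, f"permission set already assigned by {seen[a.permission_set]}"))
        seen.setdefault(a.permission_set, a.name)
        if not a.ip_acl:
            findings.append((a.name, "no IP ACL connected"))
        elif any(ipaddress.ip_network(c).prefixlen == 0 for c in a.ip_acl):
            findings.append((a.name, "IP ACL allows any address"))
    return findings

# Constructed sample configuration using documentation address ranges.
SAMPLE = [
    Assignment("ops-admin", "AdminPermissionSet",
               sso_users={"alice@example.com"}, ip_acl=["203.0.113.0/24"]),
    Assignment("billing-view", "BillingReadOnly", groups={"finance"}),
    Assignment("ops-admin-2", "AdminPermissionSet",
               groups={"ops"}, ip_acl=["0.0.0.0/0"]),
]

if __name__ == "__main__":
    print(usable_roles("alice@example.com", {"finance"}, "198.51.100.7", SAMPLE))
    for finding in audit(SAMPLE):
        print(finding)
```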
You can refer to the following user guides: