Tenant

Available in Classic and VPC

This section describes how to create and manage tenants in the NAVER Cloud Platform console to manage the flow of authentication protocols and authentication information for Ncloud Single Sign-On integration.

Tenant page

The following is a basic description of how to use tenants.

Create tenants

The following describes how to create a tenant.

1. Access the NAVER Cloud Platform console.
2. From the Region menu, click the Region you're using.
3. From the Platform menu, click the platform you're using.
4. Click Services > Management & Governance > Ncloud Single Sign-On in order.
5. Click the Tenant menu.
6. Click on the [Create] button in the Tenant information.
   • After the tenant is created, the button changes to [Delete].
7. When the Create tenant pop-up window appears, check the contents and click the [Create Tenant] button after agreeing to the terms and conditions.
8. When the Tenant creation completed pop-up window appears, click the [OK] button.
   • Tenant ID and Tenant creation date and time are automatically assigned upon creation.
   • Whether or not the main account supports login is initially set to follow application-specific settings and can be changed.
   • The authentication URL is initially set using the automatically assigned tenant ID and can be changed.

Change NAVER Cloud login settings

After creating the tenant, you can change the login support of the main account initially set and the authentication URL.

Set support for login with the main account

You can set whether or not you can log in through the main account for each application registered in Tenant. The following describes how to configure the settings.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click the Tenant menu.
4. Click the drop-down list in Support for login with the main account in NAVER Cloud login field, and select whether to support it.
   • Allow: set to enable login with the main account for all registered applications
   • Deny: set to disable login with the main account for all registered applications
   • Follow the settings for each application: set whether to allow login individually when registering applications
5. Check the information, and then click the [Save] button.
   • If you do not click the [Save] button, your changes will not be saved.

Set authentication URL

You can set the initial authentication URL that is set to the tenant ID by entering the tenant alias. The following describes how to configure the settings.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click the Tenant menu.
4. In the Authentication setting in NAVER Cloud login field, enter the desired value for Tenant Alias.
   • You can only use uppercase and lowercase English letters, numbers, hyphens (-), and special characters "-" and "_"
   • After entering the tenant alias, clicking the [Delete] button will reset the tenant alias and the authentication URL.
5. Confirm whether the value entered in the Authentication URL has been applied.
   • You can click the [Copy] button to copy the URL.
6. Enter the URL, and then click the [Save] button.
   • If you do not click the [Save] button, your changes will not be saved.

Change external IdP login settings

This explains how to register external IdP information to integrate with an external account and set up a user profile to integrate.

Organization integration

The master account can integrate and manage SSO User access permissions to resources held by member accounts within the Organization by integrating with the Organization service.

The following describes how to integrate with the Organization service.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click the Tenant menu.
4. Click the [Organization integration] button in the External IdP login field
   • When Organization integration is completed, the list of member accounts that can manage access permissions is updated in the Assignment menu.

Register external IdP

You can set up an integration system between the external IdP and the Ncloud Single Sign-On service by registering the metadata of the external IdP to be integrated.

The following describes how to register external IdP information.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click the Tenant menu.
4. Click the [Register external IdP] button in External IdP Metadata in the External IdP loginfield.
5. When the Identity Provider Metadata screen appears, enter the metadata of the external IdP to be integrated in the Metadata field and then click the [Save] button.
   • When valid metadata is entered, sub-information will be automatically entered.
6. Click the [Register] button.

Delete external IdP

You can stop Ncloud Single Sign-On integration by deleting the integrated external IdP information.

The following describes how to delete external IdP information.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click the Tenant menu.
4. Click the [Delete external IdP] button in External IDP Metadata in the External IdP login field.

Set login

The following describes how to change the login settings for an account logged in with an external account.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click the Tenant menu.
4. Change the desired settings in the login settings of the External IdP login field.
   • Session expiration time: the session expiration time of the external account logged in You can choose from among 10 minutes, 30 minutes, 1 hour, and 3 hours, and if there is no activity during the set time, you will be automatically logged out
   • Allow duplicate login: select whether to allow duplicate login. If duplicate logins are not allowed, only one session can be accessed per SSO role.

Manage user profile

You can enter user profile information to integrate external accounts and Ncloud Single Sign-On accounts.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click the Tenant menu.
4. Click the [Attribute Mapper] button in the External IdP login field.
5. Enter the user attribute information for the external account you wish to integrate.
6. In Sync mode, set the user profile update method.
   • None: the user profile is not updated
   • Import: the user profile is updated only upon first login
   • Force: the user profile is updated at every login
7. Click the [Save] button.

Delete tenants

The following describes how to delete the tenant created.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click the Subscription menu.
4. Click the In use button and then the Delete tenant button.
5. Once the Confirm tenant deletion pop-up window appears, enter the text and click [Delete].
   • Any values assigned or entered during tenant registration will be deleted as well.