It is important to note the following restrictions with using SSO with NetCloud Manager.
Restriction 1: Migrating your NetCloud Manager account to SSO is a permanent change.
Restriction 2: Once a NetCloud account is migrated to SSO, email and password logins will no longer work.
Restriction 3: The Enhanced Login Security feature within NetCloud is not compatible with SSO.
Restriction 4: SSO users must use API keys to register devices. See Connecting and Registering Devices to NetCloud Manager for information on using API keys to register devices.
Restriction 5: The administrator must be logged in to NetCloud Manager from the same browser they are attempting to perform the IdP migration from. Icognito browsers will not work.
NetCloud Manager Session Requirements
When working in your Identity Provider's configuration and the NetCloud Manager (NCM) SSO configuration, note the following.
You must work from the same NetCloud Manager session until the integration completes
The Service Provider ACS URL ID and SP Entity ID values are obtained from NetCloud Manager and used in your IdP's configuration. These values regenerate between NetCloud Manager sessions. Your IdP app will become out of sync with NetCloud Manager if a new session starts. To increase the length of NCM sessions, see How to set Session Length in NCM.
The administrator performing the SSO integration must remain logged into NetCloud Manager to finish the migration.
The email address of the NetCloud Manager administrator must match the email address of the user performing the migration in the IdP.
Support for IdP Configurations
Ericsson is unable to provide complete, beginning-to-end instructions and support for configuring SSO apps with Identity Providers. This is due to the number of IdPs and the varying approaches to configuration.
If you encounter issues while configuring a NetCloud SSO app with your IdP, contact your IdP's support for help.
Ericsson provides the following information which, when combined with the configuration instructions provided by your particular IdP, should help you complete your IdP configuration:
Examples of where SSO app configuration settings are made in two commonly used IdPs, Okta and Azure.
Names and values of the SAML 2.0 settings used in the SSO app configuration.
Follow-up steps taken in the IdP after the NetCloud Manager integration is complete.
IdP Entity ID's must be unique across all of NCM. If an entity ID has already been used and activated on a different NCM account, it cannot be used again.