aaa saml enable
Enables Security Assertion Markup Language (SAML) 2.0 authentication on an appliance.
Syntax
[no] aaa saml enable
Parameters
None
Usage
You must have IdP configured for the appliance before you enable SAML. Once IdP is configured, you can choose to enable SAML in the SCC or SteelHead Management Console or by running this CLI command on the appliance.
SAML authentications are only available in the Management Console web interface; they are not available through the CLI. Once SAML is enabled on the appliance, users can log in to its Management Console, provided their user accounts have been set up in IdP. Users who have not been mapped to IdP can log in through the CLI but are authenticated using the local, RADIUS, or TACACS+ authentication methods.
By default, SAML is disabled. The no command option disables SAML if it has been enabled.
If you cannot log in using SAML (for example, if the IdP server is unavailable), you can log in through the CLI and disable SAML. Once SAML is disabled, you revert to the previously configured (local, RADIUS, or TACACS+) authentication method for the web interface.
For more details on how to configure IdP and enable SAML, see the SteelHead User Guide.
Example
amnesiac (config) # aaa saml enable
Product
SCC, SteelHead CX, SteelHead-c, SteelHead-v
Related Commands
SteelConnect compatibility commands
SteelHead CX appliances running RiOS 9.5 and later are compatible with SCM 2.3 and later, integrating the SteelHead WAN optimization capabilities with the SteelConnect software-defined WAN (SD-WAN) capabilities. The combined products provide a smooth transition from WAN optimization to hybrid networking to SD-WAN. See the SteelConnect Manager User Guide for more information about the SteelConnect compatibility feature.