Command Reference > infasetup Command Reference > updateDomainSamlConfig
  

updateDomainSamlConfig

Enables or disables Secure Assertion Markup Language (SAML) authentication for Informatica web applications in an Informatica domain. You can also use the command to update the identity provider URL and specify allowed time difference between the Active Directory Federation Services (AD FS) host system clock and the system clock on the master gateway node.
Run the command on each gateway node within the Informatica domain. Shut down the domain before you run the command.
The infasetup updateDomainSamlConfig command uses the following syntax:
updateDomainSamlConfig
<-saml> true|false
[<-iu> identity_provider_url]
[<-ClockSkewTolerance|-cst> clock_skew_tolerance_in_seconds]
The following table describes the infasetup updateSamlConfig options and arguments:
Option
Argument
Description
-EnableSaml
-saml
true|false
Required. Enables or disables SAML authentication in the Informatica domain.
Set this value to true to enable SAML authentication in the Informatica domain.
Set this value to false to disable SAML authentication in the Informatica domain.
-IdpUrl
-iu
identity_provider_url
Required if the -saml option is true. Specify the identity provider URL for the domain. You must specify the complete URL string.
-ClockSkewTolerance
-cst
clock_skew_tolerance_in_seconds
Optional. The allowed time difference between the Active Directory Federation Services (AD FS) host system clock and the system clock on the master gateway node.
The lifetime of SAML tokens issued by AD FS by is set according to the AD FS host system clock. The lifetime of a SAML token issued by AD FS is valid if the start time or end time set in the token is within the specified number seconds of the system clock on the master gateway node.
Values must be from 0 to 600 seconds. Default is 120 seconds.