Explains what the feature is or what its benefits are to the user or customer.
ThoughtSpot can use Security Assertion Markup Language (SAML) to authenticate users. You can set up
SAML through the shell on ThoughtSpot using a tscli based configurator.
Before configuring SAML, you will need this information:
IP of the server where your ThoughtSpot instance is running.
Port of the server where your ThoughtSpot instance is running.
Protocol, or the authentication mechanism for ThoughtSpot.
Unique service name that is used as the unique key by IDP to identify the
It should be in the following format:
Allowed skew time, which is the time after authentication response is
rejected and sent back from the IDP. It is usually set to 86400.
The absolute path to the idp-meta.xml file. This is needed so that the
configuration persists over upgrades.
This configurator also checks with the user if internal authentication needs
to be set or not. This internal authentication mechanism is used to
authenticate tsadmin, so set it to true if you do not know what it
Use this procedure to set up SAML on ThoughtSpot for user authentication. Note that this configuration persists across software
updates, so you do not need to reapply it if you update to a newer release of ThoughtSpot.