SAML
NIM supports SAML for authentication, providing a versatile and secure method for user verification. This capability allows NIM to authenticate users from a range of external systems that support SAML, including Microsoft Entra, Google Workspace and Okta. The advantage of using SAML for authentication in NIM is the convenience it offers; users can access NIM applications without the need for creating separate passwords within NIM itself. This feature simplifies the process of deploying NIM Apps, as it integrates with existing user credentials from these external systems, streamlining access and maintaining security.
Requirements
The user must exist in NIM's internal user table with a matching email address or username
Configure Microsoft Azure (Entra) SAML
Select Create your own application
Enable SAML
Download metadata from App Federation Metadata Url under SAML Certificates
Open NIM Studio
Go to Configuration > SAML
Click Add Button
Enter a Name for the configuration (e.g. Azure)
The metadata downloaded from Entra should now be uploaded to the Idp Metadata field. Then click Create
Click on the newly created configuration in the grid to select it. A metadata URL is then provided to upload to Azure
Update the following NIM Configuration settings
Idp
Sp
Configure Google Workspace SAML
Setup your own custom SAML app in Google Workspace
Download IdP Metadata
Open NIM Studio
Go to Configuration > SAML
Click Add Button
Enter a Name for the configuration (e.g. Google)
The metadata downloaded from Google should now be uploaded to the Idp Metadata field. Then click Create
Click on the newly created configuration in the grid to select it. URLs are then given to be added to Google
Return to Google and configure the following URLs
ACS URL: <NIM ACS Callback URL>
Entity ID: <NIM Metadata URL>
Signed Response: Enabled/Checked
Name ID Format: EMAIL
Name ID: Basic Information > Primary Email