After you log on to the CloudSSO user portal, you can view the accounts that you can access in your resource directory and access the resources of the accounts as a Resource Access Management (RAM) role or RAM user.
Step 1: Obtain the URL of the CloudSSO user portal
Step 2: Log on to the user portal
- Enter the URL that is obtained from Step 1 in your browser.
- Log on to the user portal based on a specified logon method.
- Single sign-on (SSO) logon
- Click Redirect to go to the logon page of the enterprise identity provider (IdP).
- Use the username and password of the enterprise IdP to log on to the user portal.
- Click Redirect to go to the logon page of the enterprise identity provider (IdP).
- Username-password logon
- Enter the username and password of the CloudSSO user and click Log On.
- Optional. If multi-factor authentication (MFA) is enabled, complete MFA verification.
- If this is your first time to log on to the user portal, you must bind an MFA device. For more information, see Bind the first MFA device.
- If an MFA device is bound, enter the verification code that is obtained from the mobile device and click Verify.
- Single sign-on (SSO) logon
Step 3: Access the resources of an account in your resource directory
RAM role-based logon
If the resources of a cloud service can be accessed as a RAM role and a CloudSSO user is assigned the access permissions on an account in your resource directory by using an access configuration, the CloudSSO user can access the resources of the account as a RAM role. This method is suitable for most cloud services.
RAM user-based logon
If a cloud service cannot be accessed as a RAM role and you create a RAM user provisioning for an account in your resource directory by using CloudSSO, you can can access the resources of the account as a RAM user.