Authentication Tasks

How to Configure SAS Token Authentication

For metadata-aware connections to the stored process server, the pooled workspace server, and the OLAP server, SAS token authentication is always used and no configuration is involved. See SAS Token Authentication.

To configure the standard workspace server to use SAS token authentication:

Note: This is not a universally necessary task. Configuring the standard workspace server to use SAS token authentication is one of several solutions to a mixed provider situation. See Mixed Providers. [cautionend]

Log on to SAS Management Console as someone who has user administration capabilities (for example, sasadm@saspw).
On the Plug-ins tab, expand Server Manager and the application server (for example, SASApp). Right-click the logical server (for example, SASApp - Logical Workspace Server) and select Properties.
On the Options tab, select SAS token authentication. Click OK to save this setting.
Expand the logical server , select the server , right-click, and select Properties.
On the Options tab, from the Launch Credentials drop-down list, select a login and click OK. The most basic choice is the SAS Spawned Servers account (the sassrv login). If you want to use another account, see Criteria for a Designated Launch Credential.
To make the changes take effect, refresh the spawner's metadata.
1. Expand the object spawner , right-click the computer , and select Connect.
2. Right-click the computer again and select Refresh Spawner. In the message box, click Yes.
3. Right-click the computer a third time and select Disconnect.
To validate the configuration, select the logical workspace server , right-click, and select Validate.

Metadata layer access from the server (for example, library pre-assignment, PROC OLAP code, and metadata LIBNAME engine use) will still be based on each requesting user's identity. However, all host access from the server will now be under the designated launch credential. See Example: Multiple Levels of Host Access.

Top of Page