With SAML authentication enabled:

1. You navigate to the Controller login page and enter your account name.
2. The Controller redirects you to the external SAML IdP.
3. From the IdP, enter your credentials.The IdP redirects and logs you into the Controller.

To log in to the Controller, users require access to both the Controller and the identity provider service through the network from their computer. You can configure the Controller to assign roles to authenticated users based on group attributes in their SAML responses. See Map SAML-Authenticated Users to AppDynamics Roles.