Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
72:integration:saml [2018/10/25 18:01] – emr | 72:integration:saml [2018/10/25 18:04] – emr | ||
---|---|---|---|
Line 39: | Line 39: | ||
< | < | ||
- | providerId=" | + | providerId="< |
signatureKeyAlias=" | signatureKeyAlias=" | ||
- | | + | > |
</ | </ | ||
Line 58: | Line 58: | ||
The most reliable way to configure the SAML Identity Provider (IdP) is to ask the access management team for the IdP metadata. | The most reliable way to configure the SAML Identity Provider (IdP) is to ask the access management team for the IdP metadata. | ||
- | From this metadata, you will be able to derive the parameters for the following configuration: | + | From this metadata, you will be able to derive the parameters |
+ | |||
+ | * EntityIdfromMetadata | ||
+ | * SingleSignOnServiceLocationFromMetadata | ||
+ | * DisplayName (alternative: | ||
+ | * EMailAddress | ||
+ | |||
+ | for the following configuration: | ||
< | < | ||
Line 65: | Line 72: | ||
< | < | ||
- | providerId=" | + | providerId="< |
- | providerUrl=" | + | providerUrl="< |
nameIdPolicyFormat=" | nameIdPolicyFormat=" | ||
userFullnameTemplate=" | userFullnameTemplate=" | ||
- | | + | |
<!-- hardcoded magic value that specifies the NameID from the SAML reply --> | <!-- hardcoded magic value that specifies the NameID from the SAML reply --> | ||
< | < | ||
<!-- either " | <!-- either " | ||
- | < | + | < |
- | < | + | < |
- | < | + | < |
- | < | + | < |
<!-- This matches if the SAML assertion contains a SAML attribute " | <!-- This matches if the SAML assertion contains a SAML attribute " | ||
Line 110: | Line 117: | ||
MIIDCTCC... | MIIDCTCC... | ||
- | //<Insert the X509Certificate " | + | < |
...Qwgf5bXby+ug== | ...Qwgf5bXby+ug== | ||
Line 133: | Line 140: | ||
After you configured the service provider and identity provider in '' | After you configured the service provider and identity provider in '' | ||
+ | |||
===== Generate the SAML SP metadata ===== | ===== Generate the SAML SP metadata ===== | ||