SAML Service Provider Configuration
The Security Assertion Markup Language (SAML) is a set of profiles for exchanging authentication and authorization data across security domains. In the SAML domain model, an identity provider is a special type of authentication authority. Specifically, a SAML identity provider is a system entity that issues authentication assertions in conjunction with an SSO profile of SAML. A relying party that consumes these authentication assertions is called a SAML service provider.
Service providers, frequently abbreviated as SP, are the services that are requesting authentication and identity information about the principal. Service providers take authentication responses received from identity providers and use that information to create and configure sessions.
An Identity Provider, frequently abbreviated as IdP, is the service that serves as the source of identity information and authentication decisions. Identity providers authenticate principals and return identity information to service providers.
Configuring SAML as the IDP on cidaas Apps
1. Create an application by navigating to Apps > App Settings.
2. Enable SAML in the app with the following steps:
- Click the Edit icon of the app under App Settings > Apps List.
- In the Edit App page, click Advanced Settings.
- Under Advanced Settings, click Enterprise Provider (last option), and then click SAML Settings.
- Enable the Enable SAML IDP Provider option.
3. Get the Application callback URL by doing the following:
- Navigate to Settings > Login Providers > SAML SP.
- Click the Edit icon of the required SAML SP Group from the list.
- On the Edit SAML service provider page, click App Configuration.
4. Click the VIEW SAML button.
5. Click the button showing the metadata URL, and then the arrow button. You will be redirected to the page with the .xml data. Here, copy the “Location” URL and paste it into the corresponding SAML IDP Provider callback URL field.
6. Please do the same for the SAML IDP Provider Application callback URL.
7. Click the usage button.
- Download the Identity Provider Certificate and paste it into the cidaas SP under the IDP Settings Section in the IDP Signing Certificate field.
- Download the Identity Provider Meta data and paste it into the cidaas SP under the IDP Settings Section in the SP Meta Data field. Once the metadata is pasted, the login and logout URLs are filled in automatically.
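Before pasting a "Location" URL or a signing certificate from a metadata .xml file (steps 5 to 7), it helps to list what the file actually declares. The following is an added example, not cidaas code: it assumes standard SAML 2.0 metadata element names, and the host, entity ID and certificate bytes in the sample are constructed placeholders. It reports every endpoint with a Location attribute, flags any that is not HTTPS, and prints the SHA-256 fingerprint of each signing certificate so it can be compared with the value obtained from the other party out of band.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"

# Constructed sample: hypothetical host, placeholder bytes instead of a real certificate.
DUMMY_CERT = b"dummy-certificate-bytes"
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://sp.example.test/saml">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>CERT_B64</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.test/saml/acs"/>
    <md:SingleLogoutService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="http://sp.example.test/saml/slo"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>""".replace("CERT_B64", base64.b64encode(DUMMY_CERT).decode())

def read_metadata(xml_text):
    """Return entity ID, Location endpoints and signing-cert fingerprints."""
    # SAML metadata never needs a DTD; refuse it to avoid entity-expansion tricks.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration found in metadata")
    root = ET.fromstring(xml_text)
    endpoints = []
    for el in root.iter():
        loc = el.get("Location")
        if loc:
            endpoints.append({
                "service": el.tag.split("}")[-1],
                "binding": el.get("Binding", "").rsplit(":", 1)[-1],
                "location": loc,
                "https": loc.lower().startswith("https://"),
            })
    fingerprints = []
    for kd in root.iter(MD + "KeyDescriptor"):
        # A KeyDescriptor without "use" applies to signing as well as encryption.
        if kd.get("use", "signing") != "signing":
            continue
        for cert in kd.iter(DS + "X509Certificate"):
            der = base64.b64decode("".join((cert.text or "").split()))
            fingerprints.append(hashlib.sha256(der).hexdigest())
    return {"entity_id": root.get("entityID"), "endpoints": endpoints,
            "signing_sha256": fingerprints}

if __name__ == "__main__":
    print(read_metadata(SAMPLE_METADATA))
```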
Create SAML SP Configuration Steps: (cidaas as a SP)
1. Navigate to Settings -> Login Providers.
2. Click SAML SP.
3. Click Login Providers -> SAML SP -> Create New SAML Service Provider.
4. Click Create New SAML Service Provider.
Login Request Settings
Finally, save the configuration.
App configuration for SAML SP Provider
1. Navigate to Admin Dashboard -> Apps -> Apps Settings
2. Click the Edit icon
3. Navigate to Advanced Settings -> Login Providers. From the dropdown, select the SAML Providers checkbox (multiple checkboxes can be selected) and save it.
SAML SP login providers in cidaas login section
This enables the SAML provider on your portal, and it will be visible on the login page.
For help with this configuration, please contact us on our support page. Thank you!