- Go to Applications >> Web Services >> SAML Configuration >> New record.
- Since the AMS acts as the IDP here, set the Record Type to AMS as IDP.
- PrivateKeyFile - required - The full path of the private key file. The file is protected by a password, which is entered in the next field, and can be placed in any local folder in the IDP environment. The required fields are:
- PrivateKeyPassword - nvarchar(100) - required - The password for accessing the PrivateKeyFile.
- IDPIssuer - required - The value of the Issuer element in SAML messages from the IDP. This can be any value of your choice.
- IDPRequireAuthn - bit - If true and this record is for the SP, the SP generates the Authn request when redirecting to the IDP. If true and this record is for the IDP, the IDP fails the request if no Authn request is delivered.
- IDPAuthnURL - nvarchar(200) - The endpoint in the IDP to which the Authn request from the SP is submitted. Please refer to the “SAML” folder under SOA; the example uses localhost.
- IDPAuthenticationInterfaceURL - nvarchar(200) - When the Record Type is AMS as IDP, this tells the IDP where to find the interface for collecting credentials after the Authn request has been processed. This is a simple HTML page created by us, on which the user submits credentials to the IDP. It can be any page, including the Login page of the SP, as long as it submits the user credentials to the IDP.
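The fields above are what an operator types into the SAML Configuration record, and a mistyped path, an over-length value or a plain-http credential page only shows up later as a failed login. The following validator is an added example, not code from the AMS product or this documentation: the field names and nvarchar sizes come from the list above, while the checks themselves (absolute https URLs, readable key file, boolean bit) are assumptions about what a reviewer would want enforced before the record is saved. The `key_file_exists` hook is hypothetical and exists only so the check can be substituted in tests.

```python
"""Pre-save validation for an 'AMS as IDP' SAML Configuration record.

Added example; field names and lengths are taken from the documentation,
the validation rules are this example's own assumptions.
"""
import os
from typing import Callable, Dict, List
from urllib.parse import urlparse

# nvarchar sizes quoted in the field list (assumed to be column limits)
MAX_LENGTHS = {
    "PrivateKeyPassword": 100,
    "IDPAuthnURL": 200,
    "IDPAuthenticationInterfaceURL": 200,
}

# Fields the documentation marks as required for an IDP record
REQUIRED = (
    "RecordType",
    "PrivateKeyFile",
    "PrivateKeyPassword",
    "IDPIssuer",
    "IDPAuthnURL",
    "IDPAuthenticationInterfaceURL",
)

URL_FIELDS = ("IDPAuthnURL", "IDPAuthenticationInterfaceURL")


def validate_idp_record(
    record: Dict[str, object],
    require_https: bool = True,
    key_file_exists: Callable[[str], bool] = os.path.isfile,  # hypothetical hook
) -> List[str]:
    """Return a list of problems; an empty list means the record is acceptable."""
    problems: List[str] = []

    for field in REQUIRED:
        if not record.get(field):
            problems.append(f"{field} is required")

    if record.get("RecordType") != "AMS as IDP":
        problems.append("RecordType must be 'AMS as IDP' for an IDP record")

    for field, limit in MAX_LENGTHS.items():
        value = record.get(field)
        if isinstance(value, str) and len(value) > limit:
            problems.append(f"{field} exceeds nvarchar({limit})")

    key_path = record.get("PrivateKeyFile")
    if isinstance(key_path, str) and key_path and not key_file_exists(key_path):
        problems.append("PrivateKeyFile does not exist on the IDP host")

    # IDPRequireAuthn is a bit column: only an explicit True/False is accepted
    if not isinstance(record.get("IDPRequireAuthn"), bool):
        problems.append("IDPRequireAuthn must be a bit (True/False)")

    for field in URL_FIELDS:
        value = record.get(field)
        if not isinstance(value, str) or not value:
            continue
        parsed = urlparse(value)
        if parsed.scheme not in ("http", "https") or not parsed.netloc:
            problems.append(f"{field} is not an absolute http(s) URL")
        elif require_https and parsed.scheme != "https":
            # credentials and SAML messages cross this endpoint; plain http exposes them
            problems.append(f"{field} should use https")

    return problems


# Constructed sample record (not a real deployment); the key path is deliberately
# missing on this machine so the demo shows the file check firing.
SAMPLE_RECORD = {
    "RecordType": "AMS as IDP",
    "PrivateKeyFile": "/etc/ams/idp/placeholder.pfx",
    "PrivateKeyPassword": "example-password",
    "IDPIssuer": "urn:example:ams-idp",
    "IDPRequireAuthn": True,
    "IDPAuthnURL": "http://localhost/IDP/Authn.aspx",
    "IDPAuthenticationInterfaceURL": "https://localhost/IDP/Login.html",
}

if __name__ == "__main__":
    for problem in validate_idp_record(SAMPLE_RECORD):
        print("-", problem)
```

Run it as a script to see the problems reported for the constructed sample; the localhost `http://` Authn URL is accepted only when `require_https=False`, which mirrors the documentation's localhost example being a test setting rather than a production one.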
SAMPLE Service Provider .net Application
Follow the instructions given below to set up the SAMPLE Service Provider .net Application for testing:
Open SAML2ServiceProvider project under ../SAML for .NET/Examples/SSO/LowLevelAPI/SP-Initiated/