SAML SP Configuration
Security Assertion Markup Language (SAML) is an XML-based framework for authentication and authorization between two entities:
- Service Provider
- Identity Provider
SAML is a standard single sign-on (SSO) format. Authentication information is exchanged through digitally signed XML documents.
Service providers (cidaas as an SP)
Service providers, frequently abbreviated as SP, are the services that are requesting authentication and identity information about the principal. Service providers take authentication responses received from identity providers and use that information to create and configure sessions.
An Identity Provider, frequently abbreviated as IdP, is the service that serves as the source of identity information and authentication decisions. Identity providers authenticate principals and return identity information to service providers (see below). A few examples of common identity providers: Auth0, ADFS, and Okta.
SAML IDP Configuration Steps
The Security Assertion Markup Language (SAML) is a set of profiles for exchanging authentication and authorization data across security domains. In the SAML domain model, an identity provider is a special type of authentication authority. Specifically, a SAML identity provider is a system entity that issues authentication assertions in conjunction with an SSO profile of SAML. A relying party that consumes these authentication assertions is called a SAML service provider.
Choose any other SAML IDP Provider:
- Shibboleth (On-premise & Open Source)
- miniOrange (cloud and On-premise)
- Okta (Cloud)
- OneLogin (Cloud)
- ADFS (On-premise)
- Bitium (Cloud)
- SimpleSAMLPHP (On-premise & Open Source)
- KeyCloak (On-premise & Open Source)
- WSO2 (On-premise & Open Source)
1. Create an application from any other IDP provider.
2. Enable SAML in the app.
3. Get the Application Callback URL from the cidaas SAML SP section under the App Configuration section: choose the particular app and save it.
4. Click the VIEW SAML button that is now shown.
5. Click the button showing the metadata URL, then click the arrow button. This redirects to a new page that shows the .xml data. There, copy the “Location” URL and paste it into the callback URL field of the corresponding SAML IdP provider.
6. SAML IDP Provider Application Callback URL.
7. Click on the Usage button.
Download the Identity Provider certificate and paste it into the cidaas SP, under the IDP Settings section, in the IDP Signing Certificate field.
Download the Identity Provider metadata and paste it into the cidaas SP, under the IDP Settings section, in the SP Meta Data field. Once the metadata URL is pasted, the login and logout URLs are filled in automatically.
Create SAML SP Configuration Steps: (cidaas as an SP)
1. Navigate to cidaas Admin Dashboard -> Settings -> Login Providers
2. Click on SAML SP
3. Click on Login Providers -> SAML SP -> Create New SAML Service Provider
4. Click on Create New SAML Service Provider
IDP Settings Section
Login Request Settings
Finally, save it.
SAML SP Configuration Lists
App configuration for SAML SP Provider
1. Navigate to Admin Dashboard -> Apps -> Apps Settings
2. Click on the Edit icon
3. Click on Advance Settings -> Login Providers. From the drop-down, select the SAML Providers checkbox (multiple checkboxes can be selected) and save it.
SAML SP login providers in cidaas login section
This enables the SAML provider on your portal, and it will be visible on the login page.