Configuring Remedy SSO server as a SAML service provider
If you plan to use SAML authentication for configuring your realms, you need to configure Remedy SSO as a SAML service provider.
To configure Remedy SSO server as a SAML service provider
- In the Remedy SSO Admin Console, click General > Advanced.
In the SAML Service Provider section, complete the following fields:
Field Description SP Entity ID
The entity ID of the service provider (SP). You can specify any value for SP Entity ID, for example rsso_sp_hostname. The Remedy SSO server name is used as the SP identifier in the Relying Party Trust configured on the Identity Provider (IdP) side.
The external URL of the service provider. It is the URL of the Remedy SSO server.
Note: The URL must be HTTPS only.
The keystore file path on the Remedy SSO server file system that includes the keystore file name.
The keystore file contains all the required certificates. If you are using PKCS12 keystores file, the file extension must be .p12.
If the keystore file is available in the tomcat/rsso/webapp/WEB-INF/classes folder, the value of this field can be the name of the keystore file, where tomcat is the Tomcat path. Otherwise, use the absolute file path.
Keystore Password The keystore file password. The keypair and keystore password must be the same.
Signing Key Alias
The alias name of the signing key in the keystore file.
Encryption Key Alias
The alias name of the encryption key used to encrypt the SAML assertions from the IdP. The metadata of this encryption key is imported into the IdP.
For information about how to decrypt SAML assertions, see Configuring advanced functions for SAML authentication.