Remote Identity Provider (IdP) Editor
Field | Parameter | Description |
---|---|---|
Name | | Enter a name for the IdP or accept the provided IdP name. The Name field is pre-populated with a value that reflects the expected IdP name. |
View SAMLv2 Metadata | | Click this option to view metadata XML for the configured IdP. When you click View SAMLv2 Metadata, a new page opens, displaying the metadata. |
Binding | | This option determines the way in which SAML messages will be sent and received between the IdP and the SP. HTTP-Redirect and Post are used when a direct connection between the IdP and SP is not possible. The two bindings differ in the method used to exchange the SAMLv2 messages: HTTP Redirect or XHTML Form with Post. |
Sign Messages | Signing Certificate Alias | The alias specifies the certificate that will be used to sign the specified SAML messages. Signing is used to verify that the messages have not been altered in transit and that they originated with the IdP. Click View to see the selected signing certificate details. |
| Authentication Request, Logout Request, Logout Response, Manager Name ID Request, Manager Name ID Response, and Artifact Resolve | These parameters are the SAMLv2 messages that are to be signed by the IdP or are expected to have been signed by the SP. |
Encrypt Elements | Encryption Certificate Alias | The alias specifies the private key that will be used to encrypt the secret key used to encrypt the SAMLv2 messages. Click View to see the selected encryption certificate details. |
| Encryption Algorithm | The encryption algorithm used to encrypt SAMLv2 messages. Select None, 3DES, AES-128, or AES-256 from the drop-down menu. |
| Name ID | Specifies whether to encrypt the Name ID or leave it in plain text. |
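
The following is an added example, not code from this product: a short Python check that reads the XML shown by View SAMLv2 Metadata and reports the bindings, signing and encryption settings described in the table. It assumes the metadata follows the standard SAMLv2 metadata schema; the sample document, the host name and the function name `audit_idp_metadata` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
XMLENC = "http://www.w3.org/2001/04/xmlenc#"
# Standard XML Encryption URIs; mapping them to the menu labels is an assumption.
ALGORITHMS = {XMLENC + "tripledes-cbc": "3DES",
              XMLENC + "aes128-cbc": "AES-128",
              XMLENC + "aes256-cbc": "AES-256"}

# Constructed sample metadata (hypothetical host, certificate data omitted).
SAMPLE = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.test/saml">
 <IDPSSODescriptor WantAuthnRequestsSigned="false"
     protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"/>
  <KeyDescriptor use="encryption">
   <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
  </KeyDescriptor>
  <SingleSignOnService Location="https://idp.example.test/sso"
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  <SingleSignOnService Location="https://idp.example.test/sso"
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""

def audit_idp_metadata(xml_text):
    """Return bindings, encryption algorithms and findings for IdP metadata."""
    # Fine for metadata from your own console; use defusedxml for untrusted XML.
    idp = ET.fromstring(xml_text).find(MD + "IDPSSODescriptor")
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor")
    # A KeyDescriptor with no 'use' attribute serves signing and encryption.
    uses = {kd.get("use") for kd in idp.findall(MD + "KeyDescriptor")}
    bindings = sorted({el.get("Binding").rsplit(":", 1)[-1]
                       for el in idp if el.get("Binding")})
    uris = {em.get("Algorithm", "") for em in idp.iter(MD + "EncryptionMethod")}
    algs = sorted(ALGORITHMS.get(u, u) for u in uris)
    findings = []
    if not uses & {"signing", None}:
        findings.append("no signing certificate published")
    if idp.get("WantAuthnRequestsSigned") not in ("true", "1"):
        findings.append("IdP does not require signed Authentication Requests")
    if not uses & {"encryption", None}:
        findings.append("no encryption certificate published")
    if "3DES" in algs:
        findings.append("3DES offered; AES-128 or AES-256 is the stronger choice")
    return {"bindings": bindings, "encryption": algs, "findings": findings}

if __name__ == "__main__":
    print(audit_idp_metadata(SAMPLE))
```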