Configuring SAML Application Federation Settings
This section describes how to configure SAML application federation settings.
- Click "Application" and then "Application Management."
- Click "Edit" for SAML Application.
- Click "Federation."
Enter the items such as "SAML Basic Information" and then click "Update."
Term Description SAML Basic Information Redirect target after validation (RelayState) URL accessed by users after successful SAML authentication
Enter a URL if the RelayState is specified in the SP manual or other documentation.
Application top page URL URL for top page of the application
Specify the URL used to start SP-initiated SSO if SP does not support IdP-initiated SSO.
Assertion signing algorithm Assertion signing algorithm included in the SAML response
Refer to "Adding SAML Applications (Assertion Signing Algorithms)" for more information.
Upload SP metadata Upload SAML SP metadata.
We recommend that you enable this setting if your SP provides metadata.
Enter SAML information Single sign-on URL URL used by SP to receive SAML responses (AssertionConsumerService) Entity ID SP entity ID
[ Note ]
The following characters cannot be used.
"< >" Use of any of these characters will cause application creation to fail.
NameID format Format of the user identifier (NameID) in SAML responses
- urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
Specifying User Identifier (NameID) Specify a user attribute to be included in the user identifier (NameID) of the SAML response.
Refer to "Adding SAML Applications (User Identifier (NameID) Specification)" for more information.
Attribute Mapping (User Attribute) Specify the user attribute to be included in Attribute Information (AttributeValue) in SAML responses.
Refer to "Adding SAML Applications (Attribute Mapping (User Attribute))" for more information.
Attribute Mapping (Assigned Group Name) Specify the group name to be included in Attribute Information (AttributeValue) in SAML responses.
Refer to "Adding SAML Applications (Attribute Mapping (Assigned Group Name))" for more information.
[ Reference ]
The SAML ID provider information required for a federation with external services is displayed on the “ID Provider” tab.