List of published manuals

List of manuals for contractors

IIJ ID Service Manual [For Administrators]

Configuring SAML Application Federation Settings

This section describes how to configure SAML application federation settings.

  1. Click "Application" and then "Application Management."
  2. Click "Edit" for SAML Application.
  3. Click "Federation."

  4. Enter the items such as "SAML Basic Information" and then click "Update."

    TermDescription
    SAML Basic Information





    		Redirect target after validation (RelayState)

    URL accessed by users after successful SAML authentication

    Enter a URL if the RelayState is specified in the SP manual or other documentation.

    Application top page URL

    URL for top page of the application

    Specify the URL used to start SP-initiated SSO if SP does not support IdP-initiated SSO.

    Assertion signing algorithm

    Assertion signing algorithm included in the SAML response

    Refer to "Adding SAML Applications (Assertion Signing Algorithms)" for more information.

    Upload SP metadata

    Upload SAML SP metadata.

    We recommend that you enable this setting if your SP provides metadata.

    Enter SAML informationSingle sign-on URLURL used by SP to receive SAML responses (AssertionConsumerService)
    Entity ID

    SP entity ID

    [ Note ]

    The following characters cannot be used.

    "< >" Use of any of these characters will cause application creation to fail.

    NameID format

    Format of the user identifier (NameID) in SAML responses

    • urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
    • urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
    • urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
    Specifying User Identifier (NameID)

    Specify a user attribute to be included in the user identifier (NameID) of the SAML response.

    Refer to "Adding SAML Applications (User Identifier (NameID) Specification)" for more information.

    Attribute Mapping (User Attribute)

    Specify the user attribute to be included in Attribute Information (AttributeValue) in SAML responses.

    Refer to "Adding SAML Applications (Attribute Mapping (User Attribute))" for more information.

    Attribute Mapping (Assigned Group Name)

    Specify the group name to be included in Attribute Information (AttributeValue) in SAML responses.

    Refer to "Adding SAML Applications (Attribute Mapping (Assigned Group Name))" for more information.

    [ Reference ]

    The SAML ID provider information required for a federation with external services is displayed on the “ID Provider” tab.