Setting up a SAML Client with AdminUI and SAML2P
In order to set up a new SAML Service Provider client you will need to Navigate to /clients and click the "Add Client" button and select SAML Service Provider from the list of client types.
*Note you will need a license for SAML2P in order to integrate with a SAML Client. You can get a demo license by visiting our SAML2P product page
If you have a SAML metadata document from the SAML Identity Provider you are connecting to, you can fill in most of these fields using that.
| Name | Type | Description |
|---|---|---|
EntityID |
SAML Entity ID | SAML Entity ID (This will be in the metadata document) |
DisplayName |
Client display name | Client Display Name used in AdminUI, this has no effect on the Client itself |
Description (Optional) |
Description of the client | Description of the Client, may be left blank. |
ASC Endpoint (http:// or https://) |
AssertionConsumerService | AssertionConsumerService, can be found in your metadata file, made of an Endpoint, an Index and a binding type. |
SLO Endpoint (Optional) (http:// or https://) |
SingleLogoutService | SingleLogoutService, can be found in your metadata file, made of an Endpoint, an Index and a binding type. |
*ACS/SLO Endpoints are required to be in a valid http:// or https:// format. Although it is always recommended to use TLS in production for security.
If additional ACS/SLO Endpoints are required, they may be set after Client creation in the Client Configuration pages. Find out more info on how to configure a SAML Client
The next screen allows you to enter the Identity Resources your client will be able to access. This list comes from the list of predefined Identity Resources. You must select at least one Identity Resource to proceed to the next screen.
The final screen allows you to view the summary of the proposed client application and make any appropriate changes.
Configuring a SAML Client.
Once a SAML Client has been created it can be further configured by finding the Client within the Clients page and clicking on it. Here it is possible to modify more advanced settings, add additional resources, modify ACS/SLO Endpoints and access audits specific to the Client.
The SAML tab contains the Clients SAML specific settings;
| Name | Description |
|---|---|
ACS Endpoints |
Add, remove or edit ACS endpoints |
SLO Endpoints |
Add, remove or edit SLO endpoints |
Claims Mappings |
Map AdminUI Claim Types to Saml ClaimTypes |
Request |
Add, remove and configure signing certificates |
Response |
Add, replace or remove and configure an encryption certificate |
To find out about all of the possible configurable options for a SAML Service Provider, vist our SAML2P documentation