You must have the correct URLs for the service provider (SP) initiated flow and the identity provider (IdP) initiated flow. For both URLs, an application key is required. For information on the flow types, see High-Level Process Flow for SAML Interactions.
To configure the SP logons initiated from the Web Console to automatically redirect users to the IdP, see Redirecting Service Provider Initiated Logons for SAML Integration.
Before You Begin
Configure the provider metadata. For information on configuring metadata, see Configuring Provider Metadata.
Procedure
- From the CommCell Console ribbon, on the Home tab, click Control Panel.
- In the CommCell section, click Identity Management.
- In the Identity Management dialog box, select the SAML application, and then click View to see the application key on the General tab.
- Use Base64 to encode the application key before using it as the samlAppKey value.
Tip
The complete URL for the service provider initiated flow is provided in the SP Initiated Link box.
What to Do Next
Use the Base64-encoded application key as the samlAppKey value:
- Service Provider Initiated
  The link to the Web Console from the customer's portal must be the URL of the Web Console appended with /initiateSaml.do?samlAppKey={Base64 encoded application key}, for example: http://client.mydomain.com:80/webconsole/initiateSaml.do?samlAppKey=RUSAMPIxRDQ1N0EzNENF.
- Identity Provider Initiated
  When the IdP redirects the user to the Web Console URL, the redirect must be the URL of the Web Console appended with /samlAcsIdpInitCallback.do?samlAppKey={Base64 encoded application key}, for example: http://client.mydomain.com:80/webconsole/samlAcsIdpInitCallback.do?samlAppKey=RUSAMPIxRDQ1N0EzNENF.
To redirect the user to a URL other than the Web Console URL, see Redirecting the Identity Provider Initiated Logons for SAML Integration.
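The two URL forms above, built and checked in Python as an added example that is not part of the product documentation. It assumes the application key is UTF-8 text encoded with standard Base64, and it percent-encodes the result so that '+', '/' and '=' survive in the query string; the function names and the sample key are hypothetical.

```python
import base64
import binascii
from urllib.parse import parse_qs, quote, urlsplit

SP_PATH = "/initiateSaml.do"              # path given on this page
IDP_PATH = "/samlAcsIdpInitCallback.do"   # path given on this page


def encode_app_key(app_key: str) -> str:
    """Base64-encode the application key, then percent-encode it for a query value.

    Assumptions: the key is UTF-8 text and standard (not URL-safe) Base64 is used.
    """
    b64 = base64.b64encode(app_key.encode("utf-8")).decode("ascii")
    # '+', '/' and '=' can occur in Base64 output and are not safe in a query value.
    return quote(b64, safe="")


def build_saml_urls(webconsole_url: str, app_key: str) -> dict:
    """Return the SP-initiated and IdP-initiated URLs for one SAML application."""
    base = webconsole_url.rstrip("/")
    value = encode_app_key(app_key)
    return {
        "sp_initiated": f"{base}{SP_PATH}?samlAppKey={value}",
        "idp_initiated": f"{base}{IDP_PATH}?samlAppKey={value}",
    }


def app_key_from_url(url: str):
    """Recover the application key from a configured link, or None if malformed."""
    values = parse_qs(urlsplit(url).query).get("samlAppKey", [])
    if len(values) != 1:
        return None  # parameter missing, empty or repeated
    try:
        return base64.b64decode(values[0], validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None  # not valid Base64, e.g. a raw '+' that was decoded as a space


if __name__ == "__main__":
    # Constructed sample values, not a real application key.
    urls = build_saml_urls("http://client.mydomain.com:80/webconsole", "SAMPLE-APP-KEY")
    for name, url in urls.items():
        print(name, url, app_key_from_url(url) == "SAMPLE-APP-KEY")
```

Running app_key_from_url over the link configured in the portal or at the IdP confirms that it carries the key shown on the General tab before users are sent to it.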