Creating URLs for SAML Interactions

You must have the correct URLs for the service provider (SP) initiated flow and the identity provider (IdP) initiated flow. For both URLs, an application key is required. For information on the flow types, see High-Level Process Flow for SAML Interactions.

To configure SP-initiated logons from the Web Console to automatically redirect users to the IdP, see Redirecting Service Provider Initiated Logons for SAML Integration.

Before You Begin

Configure the provider metadata. For information on configuring metadata, see Configuring Provider Metadata.

Procedure

  1. From the CommCell Console ribbon, on the Home tab, click Control Panel.

  2. In the CommCell section, click Identity Management.

  3. In the Identity Management dialog box, select the SAML application, and then click View to see the application key on the General tab.

  4. Use Base64 to encode the application key before using it as the samlAppKey value.

    Tip

    The complete URL for the service provider initiated flow is provided in the SP Initiated Link box.

What to Do Next

Use the Base64-encoded application key as the samlAppKey value:

  • Service Provider Initiated

    The link to the Web Console from the customer's portal must be the URL of the Web Console appended with /initiateSaml.do?samlAppKey={Base64 encoded application key}, for example: http://client.mydomain.com:80/webconsole/initiateSaml.do?samlAppKey=RUSAMPIxRDQ1N0EzNENF.

  • Identity Provider Initiated

    When the IdP redirects the user to the Web Console URL, the redirect must be the URL of the Web Console appended with /samlAcsIdpInitCallback.do?samlAppKey={Base64 encoded application key}, for example: http://client.mydomain.com:80/webconsole/samlAcsIdpInitCallback.do?samlAppKey=RUSAMPIxRDQ1N0EzNENF.

    To redirect the user to a URL other than the Web Console URL, see Redirecting the Identity Provider Initiated Logons for SAML Integration.
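The following Python helper is an added example, not part of the original documentation or the product's own code. It builds both URLs from the Web Console URL and the application key. It assumes the key is encoded as UTF-8 text and that the Web Console decodes query strings in the standard way, so the Base64 characters +, / and = are percent-encoded. The function names and sample key are constructed for illustration.

```python
import base64
from urllib.parse import quote, urlsplit

# Paths taken from the page; appended to the Web Console URL.
SP_PATH = "/initiateSaml.do"
IDP_PATH = "/samlAcsIdpInitCallback.do"


def encode_app_key(app_key: str) -> str:
    """Base64-encode the application key shown on the General tab."""
    key = app_key.strip()  # copy/paste from the dialog often adds whitespace
    if not key:
        raise ValueError("application key is empty")
    return base64.b64encode(key.encode("utf-8")).decode("ascii")


def saml_urls(webconsole_url: str, app_key: str) -> dict:
    """Return the SP-initiated and IdP-initiated URLs for one SAML app."""
    parts = urlsplit(webconsole_url)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("Web Console URL must be an absolute http(s) URL")
    if parts.query or parts.fragment:
        raise ValueError("Web Console URL must not carry a query or fragment")
    base = webconsole_url.rstrip("/")
    # Standard Base64 can contain '+', '/' and '='; percent-encode them so
    # the value survives query-string decoding ('+' would become a space).
    value = quote(encode_app_key(app_key), safe="")
    return {
        "sp_initiated": f"{base}{SP_PATH}?samlAppKey={value}",
        "idp_initiated": f"{base}{IDP_PATH}?samlAppKey={value}",
        # Flag plain http: SAML responses sent to it travel unencrypted.
        "cleartext_transport": parts.scheme == "http",
    }


if __name__ == "__main__":
    # Constructed sample key, not a real application key.
    urls = saml_urls("https://client.mydomain.com/webconsole", "SAMPLE-APP-KEY-0001")
    for name, value in urls.items():
        print(f"{name}: {value}")
```
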
