General | |
---|---|
Support SAML login | Enable Single Sign-On. When enabled this replaces the normal login. |
Login without single sign-on also available | Enable this to allow normal login and SAML at the same time. When enabled the user is asked when logging in, which authentication method to use. See the Page Flow for more information. |
IDP Configuration | |
---|---|
Configuration of the Identity Provider authenticating users. Most settings are usually imported from the IdP generated metadata.xml file. | |
Issuer ID | ID of the IdP used when validating received SAML objects. |
SSO Authentication URL | URL to use when authenticating a user. |
Artifact Resolution URL | URL of the IdP when employing Artifact Binding. If this URL is empty POST Binding is used instead. |
Authentication Contexts | Select the context offered by the IdP. |
User UID | Specify the name of the attribute which should be used as unique identifier for the user. Its recommended to use the email address attribute as unique id. |
User Roles | Specify the name of the attribute which specifies the roles the authenticated user should be a member of. Click the Advanced button to use a role mapping based on IdP attributes. |
User Field Mappings | Manage the additional attributes that should be mapped to the users metadata. |
Certificate | List of certificates in X.509 DER format which can be used to validate messages sent by the IdP |
Import | Instead of entering the IdP configuration manually, AWP also supports importing the IdP metadata which will import Issuer ID, SSO Authentication URL, Artifact Resolution URL and the certificates if available. * Metadata File: Select the IdP metadata.xml for import * Metadata URL: Enter the URL where the IdP offers its metadata information. This avoids the additional step of downloading the file manually. |
Please see the setup guide for more information.