| Element | Description |
|---|---|
| Name | This is the provider name. |
| Enable Partner | Select whether this partner is currently participating in the federation. |
| Description | This is a brief description of the provider. (Optional.) |
| Protocol | This is the provider protocol (SAML 1.1, SAML 2.0 or OpenID 2.0). |
| Service Details | Select whether to enter service details manually or load from metadata. If selecting the latter, browse for the metadata file. Applies to SAML 2.0 only. |
| Metadata File | This field appears if loading metadata from a file. Click Browse to select a file to use. Applies to SAML 2.0 only. |
| Provider ID | The provider ID or issuer ID of the remote Service Provider. Applies to SAML 2.0 and SAML 1.1 only. |
| Assertion Consumer URL | A URL to which Assertion responses are sent. Applies to SAML 2.0 and SAML 1.1 only. |
| Load Signing Certificate | Upload the signing certificate used by this SP. Only visible when Enter Manually is selected. Applies to SAML 2.0 and SAML 1.1 only. |
| Logout Request URL | A URL to which logout requests are sent. Applies to SAML 2.0 only. |
| Logout Response URL | A URL to which responses to logout requests are sent. Applies to SAML 2.0 only. |
| Load Encryption Certificate | Upload the encryption certificate used by this SP. Only visible when Enter Manually is selected. Applies to SAML 2.0 only. |
| NameID Format | Indicates which NameID format should be used for this SP. Applies to SAML 2.0 and SAML 1.1 only. See Using SAML 2.0. See Using SAML 1.1. |
| NameID Value | Indicates how to populate the NameID Value. Applies to SAML 2.0 and SAML 1.1 only. If User ID Store Attribute is selected, specify the user attribute to be used. If Expression is specified, enter the expression to be used. |
| Attribute Mapping Profile | Indicates the attribute mapping profile to which the partner is bound. Applies to SAML 2.0 and SAML 1.1 only. |
| User Identity Store | This is the identity store in which the IdP's users will be located and mapped. Identity Federation supports multiple identity stores, defined on a per-partner basis. If no user identity store is selected, the default store defined for Access Manager is used. |
| User Search Base DN | This is the base search DN used when looking up user records. (Optional. If omitted, the default user search base DN configured for the selected user identity store is used.) |
| Enable Global Logout | Indicates whether or not OIF should notify the remote partner when the user is signing off, during the logout flow. Applies to SAML 2.0 only. |
| SSO Response Binding | Indicates whether the SAML Assertion should be sent back from the IdP using the HTTP POST Binding or the Artifact Binding. Applies to SAML 2.0 and SAML 1.1 only. |
| Encrypt Assertion | Indicates whether or not the Assertion should be encrypted for this partner. Applies to SAML 2.0 only. |
| Realm | The URL identifying an OpenID SP. Applies to OpenID 2.0 only. |
| Endpoint URL | The URL to which the IdP will redirect the user with the OpenID Assertion. Applies to OpenID 2.0 only. |
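
A pre-upload review of a partner's SAML 2.0 metadata file, as an added example that is not part of the product documentation: it extracts the values that correspond to the fields above and flags non-HTTPS endpoints and a missing encryption certificate. The mapping of metadata elements to field names is an assumption based on the SAML 2.0 metadata schema; `review_sp_metadata`, the sample document and `sp.example.com` are constructed.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Constructed sample SP metadata; host name and certificate text are placeholders.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://sp.example.com/saml">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER-SIGNING-CERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleLogoutService Location="https://sp.example.com/slo"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
    <md:AssertionConsumerService index="0" Location="http://sp.example.com/acs"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def review_sp_metadata(xml_text):
    """Return (fields, findings): form values read from SP metadata, plus review notes."""
    if "<!DOCTYPE" in xml_text:  # partner-supplied XML: refuse DTDs and entities
        raise ValueError("DOCTYPE not allowed in metadata")
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: not Service Provider metadata")
    certs = {}
    for kd in sp.findall("md:KeyDescriptor", NS):
        # A KeyDescriptor without 'use' applies to both signing and encryption.
        for use in ([kd.get("use")] if kd.get("use") else ["signing", "encryption"]):
            certs[use] = kd.findtext(".//ds:X509Certificate", "", NS).strip()
    acs = sp.findall("md:AssertionConsumerService", NS)
    default = next((a for a in acs if a.get("isDefault") == "true"), acs[0] if acs else None)
    slo = sp.find("md:SingleLogoutService", NS)
    attr = lambda el, name: el.get(name) if el is not None else None
    fields = {
        "Provider ID": root.get("entityID"),
        "Assertion Consumer URL": attr(default, "Location"),
        "Logout Request URL": attr(slo, "Location"),
        # ResponseLocation is optional; responses go to Location when it is absent.
        "Logout Response URL": attr(slo, "ResponseLocation") or attr(slo, "Location"),
        "NameID Format": [n.text.strip() for n in sp.findall("md:NameIDFormat", NS)],
        "Signing Certificate": certs.get("signing"),
        "Encryption Certificate": certs.get("encryption"),
    }
    urls = ("Assertion Consumer URL", "Logout Request URL", "Logout Response URL")
    findings = [f"{k} is not HTTPS: {fields[k]}" for k in urls
                if fields[k] and not fields[k].startswith("https://")]
    if not fields["Encryption Certificate"]:
        findings.append("no encryption certificate: assertions cannot be encrypted for this SP")
    return fields, findings
```

Compare the returned values with what the console shows after loading the same file, and resolve each finding with the partner before enabling it.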