Sun Java System Access Manager 7.1 Federation and SAML Administration Guide

Procedure: To Configure Trust Between Service Providers and Identity Providers

Before You Begin

You must have metadata files specific to each provider you are configuring. Access Manager includes sample metadata XML files that you can modify for your purposes. See sample1 Directory for more information.

  1. Load the hosted and remote provider metadata XML files into Access Manager using the amadmin command-line interface.

    See Creating and Configuring Entities using amadmin for information.

  2. Log in to the Access Manager console as amadmin, the default administrator.

  3. Under Federation, click the Authentication Domains tab.

  4. Select New.

    The new Authentication Domain attributes are displayed.

  5. Create the authentication domain and click OK.

    See To Create An Authentication Domain for information.

  6. Under Federation, click the Entities tab.

  7. Select the name of a provider.

    The provider was created when the metadata was loaded. The General attributes for the chosen provider are displayed.

  8. Select the appropriate provider type from the View pull-down menu.

  9. Scroll down to Authentication Domains, select the authentication domain just created, and click Add.

    The authentication domain will be moved under Selected.

  10. Click Save to store the change.

    Repeat this configuration for all providers (remote and hosted) with which you want to establish trust.

  11. Under Federation, click the Authentication Domains tab.

  12. Select the name of the authentication domain that was previously created.

    The General attributes are displayed.

  13. Under Providers, click Add.

    The Select Trusted Partner Type and Profile page is displayed.

  14. Select the appropriate provider(s) as trusted members of the authentication domain and click Add.

    The provider(s) will be moved under Selected.

  15. Click OK to save the change.

  16. Click Save to store the change.

    Trust is now established between the appropriate providers.