Authentication Types - SAML

Form Fields

• Name - The name of the authentication profile.

• Status - The status of the authentication profile.

• Settings (Identity Provider)

  • Entity ID - A unique identifier for your SAML enabled IDP.

  • Single SignOn Service - An endpoint on your IDP used to receive incoming authentication requests, process and return the user authenticated.

  • Single Logout Service - An endpoint on your IDP to receive incoming logout requests and send logout responses.

  • Certificate - Certificate data.

  • NameID Format - The expected format of the name id element of the SAML response. This must match the username in Unified Assurance.

• Settings (Service Provider) - These fields are read-only in Unified Assurance and will be added to your Identity Provider

  • Entity ID - A unique identifier for your SAML enabled SP.

  • Assertion Consumer Service - An endpoint for the IDP to send an authenticated user.

  • Single Logout Service - An endpoint on the SP to send logout requests.

  • Certificate - Certificate data.

Best Practices

To setup SAML external authentication:

1. The values in the "Settings (Service Provider)" section should be given to your organizations SAML administrators for the back-end configuration.

2. The values in the "Settings (Identity Provider)" section should be provided from your organizations SAML administrators, including:

   Note:

   In other IdP configurations, it is possible that "Single SignOn Service" and "Single Logout Service" may have multiple entries, with each entry being a different link for different connection methods (or binding), like HTTP-SOAP, HTTP-POST, etc. Unified Assurance SAML only supports using the "HTTP-Redirect" method.

   • Entity ID

   • Single SignOn Service

   • Single Logout Service

   • Certificate

   • (Optional): NameID Format

3. Enter the values provided into the form, then click on the "Submit" button.

4. Restart the Unified Assurance web service:

   systemctl restart assure1-web
   

5. Go to the "Users" UI and create new users or update existing ones to use the SAML authentication type:

   Configuration -> AAA -> Users

6. Test authentication using the SAML user(s).

Default Settings

• Status

• Settings (Identity Provider)

  • Entity ID

  • Single SignOn Service

  • Single Logout Service

  • Certificate

  • NameID Format

• Settings (Service Provider)

  • Entity ID

  • Assertion Consumer Service

  • Single Logout Service

  • Certificate

---

Title and Copyright Information

User’s Guide

F59704-01

Copyright © 2022, Oracle and/or its affiliates.