This module supports generic SAML authentication. It supports the use of metadata files to configure the settings on both provider and service side. You can still populate the fields manually if desired, but the result may not be fully functional, and those details are left to the customer. You will also want to review the general Auth Module document for more information on authentication as a topic.
- Redirect URL as with other modules should be your server FQDN/sso (e.g. https://myserver.myorg.com/sso)
- Group Attribute is exactly that, the name of the attribute in your SAML instance that holds the group information, so we can resolve group membership.
Configure with metadata
- Click Settings on the left-hand nav menu, then select the Account Setup topic. From the menu at the top, select SAML and click Save.
- Still on the Settings page, select the Advanced topic. You will see the SP metadata file listed there (saml-sp-metadata.xml). Click on it to download. Use this metadata file on your SAML IdP server.
- From the SAML server, get the IdP metadata file. Change the file name to “saml-idp-metadata.xml”, then drag and drop the file onto the Advanced panel where it says “Drag a configuration file here…”
- Refresh the window and switch back to the Account Setup topic on the Settings page. Check the setting to make sure they are what you want them to be. If you make any changes, be sure to click Save.