Configuring SAML Authentication in Licensing Management Platform requires that you configure Licensing Management Platform and Identity Provider (IdP) information on both consoles in order to facilitate communication between the systems.
Note
Your IdP may use different terminology. For more information, consult your IdP's documentation.

Procedure

  1. In the Licensing Management Platform console, go to Administration > SAML Authentication.
    The SAML Authentication screen appears.
  2. In the Service Provider Metadata section, copy or download the following information that you need to provide to your IdP:
    • Service Provider entity ID: Identifies the Service Provider application
    • Single Sign On URL (ACS): The endpoint URL responsible for receiving and parsing a SAML assertion (also referred to as Assertion Consumer Service)
    • Certificate: The encryption certificate (verification certificate) in X.509 format
  3. In your IdP, configure Licensing Management Platform as a SAML application. Use the information provided in the following table if required by your IdP.
    Setting                         Value
    Service Provider entity ID      Obtained in step 2
    Single Sign On URL (ACS)        Obtained in step 2
    Certificate                     Obtained in step 2
    Application username            Email
    Assertion Signature             Unsigned
    Signature Algorithm             RSA-SHA256
    Digest Algorithm                SHA256
    Assertion Encryption            Encrypted
    Authentication context class    X.509 Certificate
    Attribute Statements            • Name: FED_ID
                                    • Name format: Unspecified
                                    • Value: user.FED_ID
    Important
    The FED_ID attribute statement is required in order to associate Licensing Management Platform user names with Identity Provider user accounts.
  4. In order to link your IdP user accounts to Licensing Management Platform user accounts, you must create a custom attribute in your IdP. Use the information provided in the following table if required by your IdP.
    Setting               Value
    Data type             string
    Display name          FED_ID
    Variable name         FED_ID
    Attribute required    Yes
    Important
    To map a user's Licensing Management Platform account credentials to their IdP user account, you need to specify their Licensing Management Platform account name as the value of the FED_ID attribute in their IdP user account settings.
  5. Obtain the necessary information from your IdP and configure the Identity Provider (IdP) Settings:
    1. Beside IdP integration, select Enable.
    2. Specify the following Identity Provider information:
      Item                      Description
      IdP display name          Used to identify the IdP on the Licensing Management Platform console (for example, on the Sign In screen)
      IdP entity ID / issuer    Identifies the IdP application
      IdP Single Sign On URL    The endpoint dedicated to handling SAML transactions
      Certificate               The encryption certificate (signing certificate) in X.509 format
    3. Click Save.
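
An added example, not part of the vendor's documentation: a Python lint that compares an unencrypted SAML response preview exported from your IdP against the values in the step 3 and step 4 tables. It assumes your IdP offers such a preview; the mapping of table values to standard SAML and XML-DSig URIs, the function name, and the sample's entity ID, ACS URL and user values are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol", "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Step 3 table values expressed as standard SAML / XML-DSig URIs: path -> (attribute, expected).
EXPECTED = {
    ".//ds:SignatureMethod": ("Algorithm", "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"),
    ".//ds:DigestMethod": ("Algorithm", "http://www.w3.org/2001/04/xmlenc#sha256"),
    ".//a:Attribute[@Name='FED_ID']": ("NameFormat", "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"),
}
X509_CTX = "urn:oasis:names:tc:SAML:2.0:ac:classes:X509"

def lint_preview(xml_text, sp_entity_id, acs_url):
    """Return mismatches between an unencrypted assertion preview and the settings tables."""
    root, problems = ET.fromstring(xml_text), []
    text = lambda path: (root.findtext(path, default="", namespaces=NS) or "").strip()
    for path, (attr, want) in EXPECTED.items():
        node = root.find(path, NS)
        if node is None or node.get(attr) != want:
            problems.append(f"{path}: {attr} missing or not {want}")
    checks = [
        (root.find("a:Assertion/ds:Signature", NS) is None, "assertion is signed; table says Unsigned"),
        ("@" in text(".//a:NameID"), "NameID is not an email address"),
        (text(".//a:AuthnContextClassRef") == X509_CTX, "authentication context class is not X.509 Certificate"),
        (bool(text(".//a:Attribute[@Name='FED_ID']/a:AttributeValue")), "FED_ID has no value to map the account"),
        (text(".//a:Audience") == sp_entity_id, "Audience differs from the Service Provider entity ID"),
        (root.get("Destination") == acs_url, "Destination differs from the Single Sign On URL (ACS)"),
    ]
    return problems + [msg for ok, msg in checks if not ok]

# Constructed sample preview; entity ID, ACS URL and user values are placeholders.
SAMPLE = """<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
  Destination="https://sp.example.test/acs">
 <ds:Signature><ds:SignedInfo>
  <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
  <ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/></ds:Reference>
 </ds:SignedInfo></ds:Signature>
 <a:Assertion>
  <a:Subject><a:NameID>alice@example.test</a:NameID></a:Subject>
  <a:Conditions><a:AudienceRestriction><a:Audience>sp-entity-id-placeholder</a:Audience></a:AudienceRestriction></a:Conditions>
  <a:AuthnStatement><a:AuthnContext><a:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</a:AuthnContextClassRef></a:AuthnContext></a:AuthnStatement>
  <a:AttributeStatement><a:Attribute Name="FED_ID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
   <a:AttributeValue>lmp_alice</a:AttributeValue></a:Attribute></a:AttributeStatement>
 </a:Assertion>
</p:Response>"""

if __name__ == "__main__":
    print(lint_preview(SAMPLE, "sp-entity-id-placeholder", "https://sp.example.test/acs") or "matches tables")
```

The lint only compares configuration values in a preview you exported yourself; it does not verify signatures or decrypt assertions.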