Identity provider - SAML
- Kiss, Mate
Owned by Kiss, Mate
AVAILABLE IN 9.7.6 AND LATER
Overview
Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
AD FS configuration for VFC SAML Identity Provider
Configuration
| Item | Description |
|---|---|
| Name | The name of the Identity provider configuration. This can be anything |
| Type | Select SAML. |
| Verba Login ID does not Contain Domain | If the login IDs on the VFC side contain the domain part, then untick this option. |
| Strict (Verify Signatures) | If you VFC to verify the signature of the certificate of the SAML login page, then tick this option. Otherwise, untrusted certificates will be accepted also. |
| Service Provider Entity ID | Provide the URL of the VFC server in the following format: https://server-fqdn/verba |
| Identity Provider ID | Provide the URL of the AD FS server in the following format: https://server-fqdn/adfs/services/trust |
| Identity Provider Login URL | Provide the URL of the AD FS server in the following format: https://server-fqdn/adfs/ls |
| Identity Provider Certificate | Provide the token signing certificate of the AD FS server. See AD FS configuration for VFC SAML Identity Provider step 21. |
| Sign Authentication Request | Tick this option if you want the VFC side to sign the authentication requests. In this case, the signing certificate also has to be configured on the AD FS side. |
