Once you've set up Replicon for use with your SAML 2.0 identity provider, you'll need to configure your identity provider for use with Replicon.
In most cases, you should only need your metadata XML file to set up your identity provider. If you need to configure your identity provider manually (that is, it requires SSO and SLO URLs, and a certificate), you can find or derive the required data from your metadata XML file. See below for details.
Talk to your identity provider if you need help with setup. We provide an example of configuring ADFS 2.0 to work with SAML 2.0 functionality in Replicon, for those using ADFS 2.0.
Your Replicon service provider metadata XML file is located here:
In this file:
The Service Provider single sign on (SSO) URL is located in the Location attribute of the AssertionConsumerService element. For example:
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://global.replicon.com/!/saml2/YourCompanyKey/sso/post" index="1" isDefault="true" />
The Service Provider single logout (SLO) URL is located in the Location attribute of the SingleLogoutService element. For example:
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://global.replicon.com/!/saml2/YourCompanyKey/slo/redirect" />
You can create a certificate file by doing the following:
For the first line, type:
For the second line, copy the content inside the <X509Certificate> </X509Certificate> element tags in the metadata XML file.
For the last line, type:
The file content should look something like this:
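The manual steps above can also be scripted. The following Python is an added example, not part of Replicon's documentation: it reads the SSO URL, SLO URL and certificate from a service provider metadata document and writes the certificate out in PEM form, with a SHA-256 fingerprint for checking the import. It assumes the first and last lines of the certificate file are the standard PEM markers; the function name, the sample metadata, its entityID and the placeholder certificate bytes are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder bytes stand in for a real DER certificate.
SAMPLE_DER = bytes(range(200))
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}" entityID="urn:example:sp">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>
{base64.encodebytes(SAMPLE_DER).decode()}   </ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://global.replicon.com/!/saml2/YourCompanyKey/slo/redirect" />
  <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://global.replicon.com/!/saml2/YourCompanyKey/sso/post" index="1" isDefault="true" />
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def extract_idp_settings(metadata_xml):
    """Return SSO URL, SLO URL, PEM certificate and its SHA-256 fingerprint."""
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("metadata must not contain a DTD")  # refuse entity tricks
    root = ET.fromstring(metadata_xml)
    found = {}
    for key, path in (("sso_url", ".//md:AssertionConsumerService"),
                      ("slo_url", ".//md:SingleLogoutService")):
        elem = root.find(path, NS)
        if elem is None or urlparse(elem.get("Location", "")).scheme != "https":
            raise ValueError(f"{key}: missing element or non-HTTPS Location")
        found[key] = elem.get("Location")
    cert = root.find(".//ds:X509Certificate", NS)  # first certificate only
    if cert is None or not (cert.text or "").strip():
        raise ValueError("no X509Certificate in metadata")
    # Metadata may wrap the base64 at any width; normalise, then validate it.
    der = base64.b64decode("".join(cert.text.split()), validate=True)
    b64 = base64.b64encode(der).decode("ascii")
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    found["pem"] = f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"
    # Compare this fingerprint with the one the identity provider shows after import.
    found["sha256"] = hashlib.sha256(der).hexdigest()
    return found

if __name__ == "__main__":
    for name, value in extract_idp_settings(SAMPLE_METADATA).items():
        print(f"{name}:\n{value}\n")
```

Fetch the metadata over HTTPS before passing it in, and confirm the printed fingerprint matches what the identity provider reports for the imported certificate.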