Manually configuring your SAML 2.0 identity provider

Once you've set up Replicon for use with your SAML 2.0 identity provider, you'll need to configure your identity provider for use with Replicon.

In most cases, you should only need your metadata xml file to set up your identity provider. If you need to manually configure your identity provider (that is, it requires SSO and SLO URLs, and a certificate), you can find or derive the required data from your metadata xml file. See below for details.

Talk to your identity provider if you need help with setup. We provide an example of configuring ADFS 2.0 to work with SAML 2.0 functionality in Replicon, for those using ADFS 2.0.

Obtaining the data required to manually configure a service provider

Your Replicon service provider metadata xml file is located here:

https://global.replicon.com/!/saml2/<YourCompanyKey>

In this file:

The Service Provider single sign on (SSO) URL is located in the Location attribute of the AssertionConsumerService element. For example:

<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://global.replicon.com/!/saml2/YourCompanyKey/sso/post" index="1" isDefault="true" />

The Service Provider single logout (SLO) URL is located in the Location attribute of the SingleLogoutService element. For example:

<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://global.replicon.com/!/saml2/YourCompanyKey/slo/redirect" />

You can create a certificate by doing the following :

  1. Create a new file with a .cer extension using a text editor.
  2. Enter the following text in the file:

For the first line, type:

-----BEGIN CERTIFICATE-----

For the second line, copy the content inside the <X509Certificate> </X509Certificate> element tags in the metadata xml.

For the  last line, type:

-----END CERTIFICATE-----

The file content should look something like this: