Setting up SAML 2.0 for Replicon
Replicon supports use with SAML 2.0. However, Replicon does not host its own identity provider for SAML 2.0, as it does with SAML 1.1. If you want to use SAML 2.0 with Replicon, you must enlist a third party identity provider.
For information on assigning SAML authentication settings to users, refer to Setting up users for single sign-on.
Setting up SAML in Replicon
Before you set up your identity provider, you need to enable SAML in Replicon and configure transfer settings.
You’ll need either the SAML 2.0 metadata XML file or the public key and transfer URL(s) from your identity provider to carry out this procedure. We recommend configuring SAML 2.0 using the metadata XML file, if you have that option.
If you are using ADFS Servers, you can download your metadata XML file from this location:
If you're using a different identity provider, contact them to find the location of the metadata XML file.
To set up SAML 2.0 in Replicon:
- Log in to Replicon.
- Go to Administration > System and Security > Security Settings.
- From the Authentication Providers section, click the Add Authentication Provider link.
An Add Authentication Provider dialog displays.
- From the Provider Type drop-down in the dialog that displays, select SAML 2.0.
- Either upload the metadata XML file from your identity provider in the Configuration Metadata field, or complete the following fields, with data from your provider:
- SSO HTTP Post URL
- SLO HTTP Redirect URL
- XML Signature Algorithm
- Public Key
- Click Save.
SAML 2.0 will now be enabled, and Replicon set up for use with your identity provider.
Setting up your SAML identity provider
Once you've enabled and configured Replicon, you can configure your identity provider. To do this, you’ll need the Replicon service provider metadata XML file. You can find this file at:
Talk to your identity provider if you need help with setup. We provide an example of configuring ADFS 2.0 to work with SAML 2.0 functionality in Replicon, for those using ADFS 2.0.
If your identity provider doesn't accept the metadata XML file, you can manually configure your provider.