Hi all, what are the prerequisites that I need from the client to configure SAML other than the IdP?
Hi Rachana, setting up an ADFS trust isn't rocket science, but having a functional admin at the ADFS site is really important, and having the ADFS Metadata XML present. There are some overall steps to make for the configuration:
Fill in the tab ‘SP Configuration’ with all required fields.
The default entity id is based on the environment URL, depending on the configuration, if it's a Mendix Cloud or an on-premise.
Use encryption based on SHA256-RSA with a key length of 2048 bits. In basis there isn’t a keystore needed, unless you want to create your own certificates.
The configuration is based on extending files with the ADFS server done by a user there. Start a new LDP configuration.
The ADFS Metadata XML is normally found at an address like: https://mycomp/FederationMetadata/2007-06/FederationMetadata.xml
Fill out the complete wizard, but take note that:
Authentication context classes: “Integrated Windows Authentication” (login based on workstation) & “Password” (login based on username and password)
Identifying assertion type: IdP Provided
The wizard will create an SP ADFS Metadata file that must be used at the ADFS site.
I hope this will give you some info on how to configure an ADFS trust.
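Added example, not part of the answer above and not Mendix or ADFS code: a pre-flight check of the federation metadata XML the client sends, listing what the SP side needs from it (entity ID, SSO endpoints, signing certificate) and flagging gaps. The function name, the sample document and hosts, and the choice to expect an RSA-SHA256 metadata signature (mirroring the SHA256-RSA setting mentioned above) are assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"

# Constructed sample, trimmed to the elements read below; not real ADFS output.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="http://adfs.example.test/adfs/services/trust">
  <ds:Signature><ds:SignedInfo>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
  </ds:SignedInfo></ds:Signature>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>CONSTRUCTED-PLACEHOLDER</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://adfs.example.test/adfs/ls/"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def review_idp_metadata(xml_text):
    """Return (summary, problems) for an IdP metadata document (hypothetical helper)."""
    # SAML metadata has no reason to carry a DTD; refuse it before parsing.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration in metadata")
    root = ET.fromstring(xml_text)
    summary = {"entity_id": root.get("entityID"), "sso": {}, "signing_certs": 0}
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        return summary, ["no IDPSSODescriptor: this is not IdP metadata"]
    for svc in idp.findall("md:SingleSignOnService", NS):
        binding = (svc.get("Binding") or "").rsplit(":", 1)[-1]
        summary["sso"][binding] = svc.get("Location")
    certs = idp.findall("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    summary["signing_certs"] = len(certs)
    method = root.find("ds:Signature/ds:SignedInfo/ds:SignatureMethod", NS)
    # Only the declared algorithm is read here; the signature itself is not verified.
    summary["signature_alg"] = method.get("Algorithm") if method is not None else None
    plain = [u for u in summary["sso"].values() if not (u or "").startswith("https://")]
    checks = [(not summary["entity_id"], "missing entityID"),
              (not summary["sso"], "no SingleSignOnService endpoint"),
              (bool(plain), "SSO endpoint is not HTTPS"),
              (not certs, "no signing certificate"),
              (summary["signature_alg"] != RSA_SHA256,
               "metadata signature is not RSA-SHA256")]
    return summary, [msg for failed, msg in checks if failed]
```

Run it on the client's FederationMetadata.xml before starting the wizard; an empty problem list means the items checked here are present, not that the metadata signature is valid.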