Identity Provider Settings
The IdP (Identity Provider) settings are found under the Identity Provider navigation link, on the Identity Provider Settings tab.
The metadata settings are pre-populated with the options selected during the installation. The following fields are available to edit:
|Entity ID||The Entity ID is a globally unique name for a SAML entity. It should be permanent and chosen with care. You can use the IdP URL or your company name.|
|Metadata Signing Algorithm||The algorithm used to produce a hash value and digitally sign an XML document (the metadata is an XML document), so that the relying party (Service Provider) can verify that the issuer of the metadata is indeed the IdP. Recommended setting: RSA-SHA256.|
|Wants Signed Requests (Authn And Logout)||This is an IdP setting which enforces security by forcing service providers to sign requests (XML documents). Requests are signed using SP's
|Organisation Name||The organisation name displayed in the metadata.|
|Organisation Display Name||The organisation display name, used in messages displayed to the user, such as "Powered by..."|
|Organisation URL||The URL of your organisation|
The certificate and private key are pre-populated from the installation process; this area allows new certificates to be uploaded.
The contacts list is populated within the IdP metadata, which is shared with other service providers and federations. It is generally expected to include an administrative and support contact within the metadata.
The endpoints section lists the HTTP(S) endpoints available to third parties. A metadata link is provided, which opens in a new window. This metadata URL should be shared with third parties who wish to integrate with AuthStack. Because the metadata is created dynamically, it is updated automatically whenever the IdP settings change.
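
The following check is an added example, not AuthStack code: it audits a copy of the published IdP metadata against the settings described on this page (entity ID present, RSA-SHA256 signing algorithm, signed AuthnRequests required, administrative and support contacts). The sample metadata and the function name `audit_idp_metadata` are constructed for illustration; only the authentication-request flag is checked, because that is the one the SAML metadata schema exposes as `WantAuthnRequestsSigned`.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"

# Constructed sample metadata (not real AuthStack output); signature value elided.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.org">
  <ds:Signature><ds:SignedInfo>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  </ds:SignedInfo></ds:Signature>
  <md:IDPSSODescriptor WantAuthnRequestsSigned="false"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  <md:ContactPerson contactType="support"/>
</md:EntityDescriptor>"""


def audit_idp_metadata(xml_text):
    """Return a list of findings; an empty list means every check passed.

    Inspects declared settings only; it does not verify the signature itself.
    For metadata fetched from untrusted sources, parse with defusedxml instead.
    """
    root = ET.fromstring(xml_text)
    findings = []
    if not root.get("entityID"):
        findings.append("missing entityID")
    method = root.find("ds:Signature/ds:SignedInfo/ds:SignatureMethod", NS)
    if method is None:
        findings.append("metadata is not signed")
    elif method.get("Algorithm") != RSA_SHA256:
        findings.append("signing algorithm is not RSA-SHA256: " + method.get("Algorithm", ""))
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        findings.append("no IDPSSODescriptor")
    elif idp.get("WantAuthnRequestsSigned", "false").lower() not in ("true", "1"):
        findings.append("IdP does not require signed AuthnRequests")
    contacts = {c.get("contactType") for c in root.findall("md:ContactPerson", NS)}
    for wanted in ("administrative", "support"):
        if wanted not in contacts:
            findings.append("no %s contact" % wanted)
    return findings


if __name__ == "__main__":
    for finding in audit_idp_metadata(SAMPLE_METADATA):
        print("FINDING:", finding)
```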