This page explains how to expose the metadata of multiple Identity Providers (IdPs) to Adeptia Connect. The steps may vary for different IdPs (e.g. SSO Circle, Keycloak, Okta, etc.). For a clustered setup, repeat the given steps on every node of the environment. Exposing IdP metadata to Adeptia Connect allows the Service Providers to read the details of the IdP server.

...

You can find this variable in the portal section of the global values.yaml file.

| Variable Name | Possible values | Example | Description |
|---|---|---|---|
| SAML_SSO_IDPS_CONFIGURATION_0_METADATA_LOCATION | Complete path of the IdP metadata file including its name. | file:///shared/subfolder/IdP.xml | The IdP metadata file can lie in any folder in the PVC. |
| | classpath:<name of the IdP metadata file> | classpath:IdP.xml | The IdP metadata file must lie within any classpath folder, for example, ext. |
| | Metadata URL. | https://ssocircle.com/metadata | Metadata URL of the IdP server. |

If you want to expose metadata of another IdP, you need to use the number in incremental fashion. You will be using number 1 (one) in the variable name for the next IdP, for example, SAML_SSO_IDPS_CONFIGURATION_1_METADATA_LOCATION.

...

Open the browser and enter the URL below to use IdP-initiated SSO (for SSO Circle).

For example, https://<IDP Server Host>/sso/idpssoinit?metaAlias=/publicidp&spEntityID=<value of SP entity Id>

Where,
spEntityID is the name that is specified in the metadata of your service provider.

Authenticating a user through non-default IdP server

If you have configured multiple IdPs, the users are by default authenticated through the default IdP. In case you want the user to be authenticated through a non-default IdP, you need to specify the registration Id of that IdP in the application URL as shown below.

Info

Registration Id is the name provided by the user to the IdP. In case of multiple IdP providers, the log out from SAML will happen only through the provider that has been set up as default. Even if you log out from a secondary provider, the log-out call will be directed to the default provider only.

With multiple IdPs, you have corresponding registration Ids defined in their respective environment variables in the portal values.yaml file. You can use the environment variable SAML_SSO_IDPS_CONFIGURATION_0_REGISTRATION_ID to define the registration Id of one of the IdPs, and then use the number in incremental fashion in the variable to define the registration Id of the next IdP, for example, SAML_SSO_IDPS_CONFIGURATION_1_REGISTRATION_ID, and so on.


https://<Domain name or IP>/?registrationId=<registration_Id>
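
The following pre-deployment check is an added example, not part of Adeptia's documentation or tooling. It validates the numbered METADATA_LOCATION and REGISTRATION_ID variables described above; the function name, the sample values, the plain-HTTP finding and the requirement that each IdP has a unique, non-empty registration Id are assumptions of this example.

```python
import re

# Variable naming from the page: SAML_SSO_IDPS_CONFIGURATION_<n>_<FIELD>
VAR_RE = re.compile(r"^SAML_SSO_IDPS_CONFIGURATION_(\d+)_(METADATA_LOCATION|REGISTRATION_ID)$")
# The three location forms the page lists: file path, classpath entry, metadata URL.
ALLOWED_PREFIXES = ("file:", "classpath:", "https://")


def check_idp_config(env):
    """Return a list of findings for the SAML IdP variables in `env` (a dict)."""
    idps, findings = {}, []
    for name, value in env.items():
        m = VAR_RE.match(name)
        if m:
            idps.setdefault(int(m.group(1)), {})[m.group(2)] = value.strip()
    if not idps:
        return ["no SAML_SSO_IDPS_CONFIGURATION_<n>_* variables found"]
    # Indexes start at 0 and increase by one for each further IdP.
    if sorted(idps) != list(range(len(idps))):
        findings.append(f"indexes {sorted(idps)} are not contiguous from 0")
    seen = {}
    for n in sorted(idps):
        loc = idps[n].get("METADATA_LOCATION", "")
        reg = idps[n].get("REGISTRATION_ID", "")
        if not loc:
            findings.append(f"IdP {n}: METADATA_LOCATION missing")
        elif loc.startswith("http://"):
            # Assumption: metadata carries the IdP signing certificate, so plain HTTP is reported.
            findings.append(f"IdP {n}: metadata fetched over plain HTTP")
        elif not loc.startswith(ALLOWED_PREFIXES):
            findings.append(f"IdP {n}: unrecognised location form {loc!r}")
        if not reg:
            findings.append(f"IdP {n}: REGISTRATION_ID missing")
        elif reg in seen:
            findings.append(f"IdP {n}: REGISTRATION_ID {reg!r} already used by IdP {seen[reg]}")
        else:
            seen[reg] = n
    return findings


# Constructed sample values, not taken from a real deployment.
SAMPLE_ENV = {
    "SAML_SSO_IDPS_CONFIGURATION_0_METADATA_LOCATION": "file:///shared/subfolder/IdP.xml",
    "SAML_SSO_IDPS_CONFIGURATION_0_REGISTRATION_ID": "ssocircle",
    "SAML_SSO_IDPS_CONFIGURATION_2_METADATA_LOCATION": "http://idp.example.test/metadata",
    "SAML_SSO_IDPS_CONFIGURATION_2_REGISTRATION_ID": "ssocircle",
}

print("\n".join(check_idp_config(SAMPLE_ENV)))
```

Pass `dict(os.environ)` or the parsed portal variables instead of the sample to check a real configuration before rollout.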

Landing to a specific page in Adeptia Connect

If users want to land on a specific page in Adeptia Connect after being authenticated through a non-default IdP, they need to enter the application URL in the format shown in the example below.


https://<Domain name or IP>/?registrationId=<registration_Id>#<dashboard/transactions/allMessages/all>

Where,

dashboard/transactions/allMessages/all is the application page where the user may want to land after logging in.


Related Topic

Login to Adeptia Connect with SAML