You configure SAML to authenticate to your Identity Provider (IdP) to obtain OAuth access tokens.

Note: To configure OAuth, you must create a separate SAML web app. Ensure that you do not use the SAML web app that you use to connect to the Control Room to configure OAuth.

To configure SAML connection details:

  1. From AuthConfig App page, select SAML Configuration on the left side of the page.
  2. Click New SAML configuration at the top of the page.

  3. The New SAML configuration dialog box displays:

    New SAML configuration dialog box
    1. Enter the Connection name. The connection name is user defined.
    2. Enter the Connection sign-in URL. This URL information is provided in your external authentication provider and is typically referred to as IdP URL by most providers.
    3. Click Browse to locate your IdP public key. This key must be in the PEM format (.pem). The public key validates the IdP's signed response.
    4. Click Create.

      The SAML configuration is created and provides the configuration details.

    5. From the SAML configuration details section, select and copy the Entity ID and ACS URL values.
    6. Navigate to the SAML configuration page of your IdP.
      Note: You can perform step-e to step-h by downloading the SAML metadata URL from the AuthConfig App and uploading it directly into your IdP SAML configuration. The field values get auto-populated.
      • The Entity ID value in the SP Entity ID field of your IdP. Most IdPs use the SP Entity ID field to identify the entity ID field. However, some IdPs might use a different name. In such a scenario, identify the entity ID field for the IdP and enter the Entity ID values.
      • The connection name configuration details display the ACS URL value in the ACS (Assertion Creation Service) URL field of your IdP.

SAML configuration details page

The ACS (Assertion Creation Service) URL directs your IdP where to send its SAML response after authenticating a user, and the Entity ID is the unique identifier of the IdP.

To delete the SAML configuration, click Delete at the top right of the page. A confirmation message displays asking if you want to delete the SAML configuration.

Note: If you delete the SAML configuration, Control Room users will not be able to obtain new access tokens using our OAuth2 service.

Click Delete to continue.