This article is valid for Smart ID 20.11 and later.
Configure SAML in Smart ID Self-Service
Smart ID Self-Service has additional configuration options directly in the program.
SAML and automatic redirection are enabled by default; you can change this behavior in config.json.
Set up communication between Smart ID Self-Service and Identity Manager
For secure communication between the identity provider and Identity Manager, each server must provide a server certificate.
Example - Add server certificate in Digital Access component:
Set up identity provider, for example Digital Access component
Private keys are used to digitally sign SAML messages and encrypt their content. Both parties need their own key pair, which can be self-signed (for testing purposes) or issued by a public key infrastructure (for production systems).
Example - Enable Digital Access to use the SAML certificate for signing:
The identity provider must be configured to define the SAML federation with the service provider, using the metadata created in Identity Manager.
Example - Add service provider in Digital Access:
After the service provider has been configured successfully in the identity provider, the SAML metadata must be downloaded from the identity provider and uploaded to Identity Manager.
Example - Download the metadata from Digital Access:
Upload identity provider metadata to Identity Manager
After the metadata files have been created, they must be uploaded to the authentication profile in Identity Manager Admin. This section describes how to upload the identity provider metadata files.
Additional information