Search Results :

×

CA Identity As IDP for Moodle

Step 1: Setup CA Identity Manager as Identity Provider

Follow the steps below to configure CA Identity Manager as IdP

miniorange img Configure CA Identity Manager as IdP

  • In the miniOrange SAML 2.0 SSO plugin, navigate to Service Provider Metadata tab. Here, you can find the SP metadata such as SP Entity ID and ACS (AssertionConsumerService) URL which are required to configure the Identity Provider.
    • moodle saml upload metadata

    Note: For Single Sign On, make sure to install and setup CA SSO (formerly known as SiteMinder) with CA Identity Manager.

  • Log in to your CA SSO portal as a CA Single Sign-On administrator.
  • Click on Federation tab.
  • Now go to Partnership FederationEntities.
    • CA Identity sso-1

    miniorange img Create a Local Identity Provider

    • Click on Create Entity.
      • CA Identity sso-1
    • To create a local entity, configure the following:
      Entity Location Local
      Entity Type SAML2 IDP
      Entity ID Enter an ID for your local identity provider for identification.
      Entity Name Create a name for your local identity provider.
      Base URL Enter the fully-qualified domain name for the host service CA SSO Federation Web Services.
      Signed Authentication Requests Required No
      Supported NameID format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
      urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
      CA Identity sso-2

    miniorange img Create a Remote Service Provider

    • Download Metadata XML File from the Service Provider Metadata Tab of the miniOrange SAML SSO plugin.
    • Click on Import Metadata and upload the downloaded XML metadata file.
      • CA Identity sso-4
    • For Import As, select Remote Entity.
    • Provide a name for the Remote Service Provider Entity.
      • CA Identity sso-6

    miniorange img Create a Partnership between SP and IDP

    • For creating a partnership, configure the following:
      Add Partnership Name Enter a name for your partnership.
      (Optional) Description Enter a relevant description for your partnership.
      Local IDP ID Enter the Local Identity Provider ID created while adding a Local Entity.
      Remote SP ID Enter the Remote Service Provider ID created while adding a Remote Entity.
      Base URL This field will be pre-populated.
      Skew Time Enter any skew time required by your environment.
      User Directories and Search Order Select the required directories in the required search order.
  • On the Federation Users page, add the users you want to include in the partnership.
  • In the Assertion Configuration section, configure following:
    • Name ID Format: Email Address
    • Name ID Type: User Attribute
    • Value: mail
    • (Optional) Assertion Attributes: Specify any application or group attributes that you want to map to users
    • CA Identity sso-6
  • In the SSO and SLO section, perform the following steps:
    • SSO Binding: HTTP-POST
    • Transactions Allowed: Both IDP and SP initiated
    • wordpress saml ca-identity sso
  • In the Signature and Encryption section, select Post Signature as Sign Both.

    • miniorange img Activate Partnership

    • In the Federation Partnership List, expand the Action dropdown for your partnership and click Activate.
    • To get the IDP metadata, Click the Action button and click Export Metadata. This data will be used to configure the plugin.
Hello there!

Need Help? We are right here!
support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com