Follow the steps below to configure CA Identity Manager as an Identity Provider.
To configure CA Identity Manager, you need the metadata of the service provider. Go to the Add-on tab for SP Info and click on the link for metadata in Step In the new tab, SP metadata is generated. Right-click it and choose Save As to save it as an XML on your system.
Login as Administrator
Enable SSO for Your App Using SAML
Identity Provider Information
Service Provider Information
|Information to be entered in CA||Information to copy from the add-on|
|Assertion Consumer Service URL||ACS URL|
|Entity ID||SP Entity ID|
|NameID Format||Email Address|
|Certificate||Download the certificate provided in SP Info tab and upload it here|
Create a Rule
NOTE: If you click on Test Configuration button in Service Provider Setup tab and authenticate with your IDP, you can see a list of attributes sent by the IDP in the Attribute/Role mapping tab. This information can be used to provide the above mapping.
In the standard plugin, you can choose a default role which will be assigned to all the non-admin users when they perform SSO.
In the Standard plugin you can enable SP-initiated SSO using the following options.
NOTE: Please enable the Backdoor login and note down the backdoor URL. This will allow you to access the WordPress login page in case you get locked out of the IDP.
If you are looking for anything which you cannot find, please drop us an email on email@example.com