WSO2 as IdP

Step 1: Setup WSO2 as Identity Provider

  • Login to your WSO2 admin console.
  • Select Add under the Service Providers tab.
  • Select mode as Manual Configuration.
  • Enter the Service Provider Name and click on Register button.
  • SAML Single Sign On (SSO) using WSO2 as Identity Provider, Add Service Provider Manually
  • Select Upload SP certificate option under SP Certificate Type.
  • Copy the certificate from plugin and provide it into Application Certificate field.
  • You can also download the certificate file and upload it through Browse file option.
  • SAML Single Sign On (SSO) using WSO2 as Identity Provider, Add Service Provider Manually
  • Under Claim Configuration, select Use Local Claim Dialect.
  • For Requested Claims, add http://wso2.org/claims/emailaddress as a claim URI.
  • Set Subject Claim URI to http://wso2.org/claims/nickname.
  • Under Inbound Authentication Configuration > SAML2 Web SSO Configuration, click Configure.
  • SAML Single Sign On (SSO) using WSO2 as Identity Provider, Claim Configuration
  • Enter Issuer value as provided under the Service Provider Info tab of the plugin.
  • Enter Assertion Consumer URL (ACS) as provided under Service Provider Info tab and click on Add.
  • Check Enable Response Signing.
  • Check the Enable Attribute Profile and include attributes in the response always.
  • SAML Single Sign On (SSO) using WSO2 as Identity Provider, Configuring Service Providers Meta Details
  • Check the Enable Audience Restriction.
  • Enter the Audience URL value provided under Service Provider Info tab of plugin and click on Add.
  • Check the Enable Recipient Validation. Enter the Recipient URL value provided under Service Provider Info tab of plugin and click on Add.
  • Click on Download IDP Metadata button save the IDP metadata file.
  • Click on Register to save the configuration.
  • SAML Single Sign On (SSO) using WSO2 as Identity Provider, Enable Audience validation and Download IDP Metadata File
  • Click on Update on Service Providers page to save the configuration.
  • Select Resident under Identity Providers tab from the menu.
  • Enter Home Realm Identifier value that you want (usually your WSO2 server address).
  • SAML Single Sign On (SSO) using WSO2 as Identity Provider, Set Home Realm Identifier URL
  • Click on Update to save the changes.
Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com