WSO2 as IdP

Set up WSO2 as Identity Provider

  1. Log in to your WSO2 admin console.
  2. Select Add under the Service Provider tab.
  3. Enter the Service Provider Name.
  4. Click on Register.
  5. Under Basic Information, check SaaS Application.
  6. Under Claim Configuration, select Use Local Claim Dialect.
  7. For Requested Claims, add the http://wso2.org/claims/emailaddress claim URI.
  8. Set Subject Claim URI to http://wso2.org/claims/nickname.
  9. Under Inbound Authentication Configuration > SAML2 Web SSO Configuration, click Configure.
  10. Enter the SP-EntityID value provided under the Service Provider Info tab as the Issuer, e.g. https://example.com/jira
  11. Enter the Assertion Consumer URL (ACS) as provided under the Service Provider Info tab, e.g. https://example.com/jira/plugin/servlet/saml/auth
  12. Check Enable Response Signing.
  13. Check Enable Assertion Signing.
  14. Check Enable Attribute Profile and Include Attributes in the Response Always.
  15. Check Enable Audience Restriction.
  16. Enter the Audience URL value provided under the Service Provider Info tab and click Add Audience, e.g. https://example.com/jira
  17. Check Enable Recipient Validation. Enter the Audience URL value provided under the Service Provider Info tab and click Add Recipient, e.g. https://example.com/plugin/servlet/saml/auth
  18. Click on Register to save the configuration.
  19. Click on Update on Service Providers to save the configuration.
  20. Select List under the Identity Providers tab from the menu.
  21. Click on the Resident Identity Provider link.
  22. Enter the Home Realm Identifier value that you want (usually your WSO2 server address), e.g. https://wso2.example.com
  23. Click on Update.
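
To confirm after a test login that the settings from steps 7 to 17 actually appear in what WSO2 sends, the following added example (not part of the original guide or of WSO2) inspects a base64 SAMLResponse captured from your own test login. The function names and the sample response are constructed for illustration, and the check only looks for the presence of signature elements; it does not verify them cryptographically.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
EMAIL_CLAIM = "http://wso2.org/claims/emailaddress"  # requested claim from step 7

def check_response(b64_response, sp_entity_id, acs_url):
    """Return findings for a captured test response; [] means all settings show up.
    Presence checks only: signatures are NOT cryptographically verified here."""
    root = ET.fromstring(base64.b64decode(b64_response))
    findings = []
    if root.find("ds:Signature", NS) is None:  # direct child of Response only
        findings.append("response not signed (step 12)")
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return findings + ["no plaintext Assertion element"]
    if assertion.find("ds:Signature", NS) is None:
        findings.append("assertion not signed (step 13)")
    audiences = [e.text for e in assertion.iterfind("a:Conditions/a:AudienceRestriction/a:Audience", NS)]
    if sp_entity_id not in audiences:
        findings.append("audience does not include SP entity ID (steps 15-16)")
    recipients = [e.get("Recipient") for e in assertion.iterfind(
        "a:Subject/a:SubjectConfirmation/a:SubjectConfirmationData", NS)]
    if acs_url not in recipients:
        findings.append("no SubjectConfirmation Recipient equals the ACS URL")
    name_id = assertion.find("a:Subject/a:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        findings.append("NameID missing or empty (subject claim, step 8)")
    names = [e.get("Name") for e in assertion.iterfind("a:AttributeStatement/a:Attribute", NS)]
    if EMAIL_CLAIM not in names:
        findings.append("email attribute missing (steps 7 and 14)")
    return findings

def sample_response(audience, sign_assertion=True):
    """Constructed sample; <ds:Signature/> is an empty placeholder, not a real signature."""
    sig = "<ds:Signature/>" if sign_assertion else ""
    xml = (f'<p:Response xmlns:p="{NS["p"]}" xmlns:a="{NS["a"]}" xmlns:ds="{NS["ds"]}">'
           f'<ds:Signature/><a:Assertion>{sig}<a:Subject><a:NameID>jdoe</a:NameID>'
           '<a:SubjectConfirmation><a:SubjectConfirmationData '
           'Recipient="https://example.com/jira/plugin/servlet/saml/auth"/></a:SubjectConfirmation>'
           f'</a:Subject><a:Conditions><a:AudienceRestriction><a:Audience>{audience}'
           '</a:Audience></a:AudienceRestriction></a:Conditions><a:AttributeStatement>'
           f'<a:Attribute Name="{EMAIL_CLAIM}"><a:AttributeValue>jdoe@example.com'
           '</a:AttributeValue></a:Attribute></a:AttributeStatement></a:Assertion></p:Response>')
    return base64.b64encode(xml.encode()).decode()
```

Call check_response with the SP-EntityID from step 10 and the ACS URL from step 11; an empty list means every checked setting is reflected in the response.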