...
Parameter Name | Mandatory | Description |
Service Provider’s XML metadata | Yes | SAML metadata of the Circulation Manager's Service Provider in an XML format. MUST contain exactly one SPSSODescriptor tag with at least one AssertionConsumerService tag with Binding attribute set to urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST. |
Service Provider’s private key | No | Private key used for encrypting and signing SAML requests. |
Identity Provider’s XML metadata | YesNo | SAML metadata of Identity Providers in an XML format. Used for non-federated IdPs that are not a part of any SAML federation. MAY contain multiple IDPSSODescriptor tags but each of them MUST contain at least one SingleSignOnService tag with Binding attribute set to urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect. |
List of Federated IdPs | No | List of federated IdPs. Currently, only the InCommon Federation is supported, but support for other federations can also be added in the future. |
Internal signing secret for OAuth and SAML bearer tokens | No | It's a sitewide configuration setting residing in on Sitewide Settings page and containing the secret used for signing Bearer tokens issued by SAML authentication provider and used by client applications to confirm their authentication status. |
Note |
---|
Please note that Circulation Manager supports both non-federated and federated IdPs simultaneously, but there MUST be at least one IdP configured. |
Anchorcreate_sp_data create_sp_data
Generating the Required Service Provider Data
create_sp_data | |
create_sp_data |
...
Configure IdP SAML Metadata
Circulation Manager supports two different types of SAML IdPs:
- Independent IdPs that are not a part of any SAML federation. In this case, you can use the IdP metadata in an XML format.
- Federated IdPs. Currently, only the InCommon Federation is supported, but support for other federations can also be added in the future.
...
Configure Non-Federated (Independent) IdP SAML Metadata
- Copy the text of the XML document you received for the Identity Provider's service
- Paste the text into the Identity Provider's XML metadata field, as shown below
...
Configure Federated IdP SAML Metadata
...