9.6 Editing a SAML 1.1 Trusted Service Provider’s Metadata

Access Manager allows you to obtain metadata for SAML 1.1 providers. However, metadata for SAML 1.1 might not be available for some trusted providers. Therefore, Access Manager allows you to enter metadata manually. The page for this is available if you clicked the Manual Entry option when you created the trusted provider.

For conceptual information about how Access Manager uses SAML, see Section B.0, Understanding How Access Manager Uses SAML.

  1. In the Administration Console, click Access Manager > Identity Servers > Edit > SAML 1.1 > [Service Provider] > Metadata.

  2. If you want to reimport the metadata, click View, then click Reimport.

    Follow the on-screen instructions to complete the steps in the wizard.

  3. Click Edit.

    [Figure: SAML 1.1 identity provider manual metadata entry]
  4. Fill in the following fields:

    Supported Version: Specifies which version of SAML you want to use.

    Provider ID: (Required) Specifies the SAML 1.1 metadata unique identifier for the provider. For example, https://dns.name:port/nidp/saml/metadata.

    Metadata expiration: Specifies the date upon which the metadata is no longer valid.

    Want assertion to be signed: Specifies that authentication assertions from the trusted provider must be signed.

    Artifact consumer URL: Specifies where the partner receives incoming SAML artifacts. For example, https://[dns:port]/nidp/saml/spassertion_consumer.

    Post consumer URL: Specifies where the partner receives incoming SAML POST data. For example, https://[dns:port]/nidp/saml/spassertion_consumer.

    Service Provider: Specifies the public key certificate used to sign SAML data. You can browse to locate the service provider certificate.

  5. Click Finish.
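
Manually entered metadata is not checked against a published metadata document, so it helps to review the values before you click Finish. The following is an added example, not part of the product or its documentation: a small Python check over the fields listed in Step 4. The dictionary layout, the function names, the sample values, and the policy of flagging unsigned assertions are assumptions of this example.

```python
import ipaddress
from datetime import date
from urllib.parse import urlsplit

URL_FIELDS = ("Provider ID", "Artifact consumer URL", "Post consumer URL")

def check_url(label, value):
    """Return findings for one URL-valued field."""
    try:
        parts = urlsplit(value)
        host = parts.hostname
        parts.port  # raises ValueError for a non-numeric port such as "port"
        if host and ":" in host:
            ipaddress.ip_address(host)  # a bracketed host must be an IPv6 literal
    except ValueError:
        return [f"{label}: not a valid URL (placeholder left in?)"]
    findings = []
    if parts.scheme != "https":
        findings.append(f"{label}: scheme is not https")
    if not host:
        findings.append(f"{label}: host name missing")
    return findings

def check_metadata(entry, today):
    """Check one manual-entry record (a dict keyed by the field labels)."""
    findings = []
    for label in URL_FIELDS:
        value = entry.get(label, "")
        if value:
            findings.extend(check_url(label, value))
        elif label == "Provider ID":  # the only field marked (Required)
            findings.append("Provider ID: required field is empty")
    expires = entry.get("Metadata expiration")  # assumed ISO format, YYYY-MM-DD
    if expires and date.fromisoformat(expires) <= today:
        findings.append("Metadata expiration: date has passed")
    if not entry.get("Want assertion to be signed", False):
        findings.append("Want assertion to be signed: not enabled")
    return findings

# Constructed sample: values copied from the examples above without being filled in.
SAMPLE_BAD = {
    "Provider ID": "https://dns.name:port/nidp/saml/metadata",
    "Artifact consumer URL": "http://sp.example.com/nidp/saml/spassertion_consumer",
    "Post consumer URL": "https://[dns:port]/nidp/saml/spassertion_consumer",
    "Metadata expiration": "2020-01-01",
    "Want assertion to be signed": False,
}
if __name__ == "__main__":
    print("\n".join(check_metadata(SAMPLE_BAD, date(2024, 1, 1))))
```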