Versions Compared

Old Version 5

changes.mady.by.user sneha.tripathi

Saved on

compared with

New Version Current

changes.mady.by.user Prasanna Nagaraj

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
minLevel2

...

  1. Select Configure Single Sign-On or click Single sign-on from the application’s left-hand navigation menu.

    The next screen displays the options to configure single sign-on.


  2. Navigate to SAML Signing Certificate section and select Certificate (Base64) to download the file.
    Image Modified

  3. Select Save File and specify the file location to download the file.

    If the export is successful, the certificate is saved at the location that you specified. You can open the certificate in any text editor, like Notepad.

Configure SAML Single Sign-On in Intelligent Service Management

You can add multiple SAML single sign-on configurations to Intelligent Service Management. This allows a single Intelligent Service Management system to support different organizations that may have a different SSO/SAML setup. To enable Single Sign-On, configure Intelligent Service Management to trust assertions that are sent by the IdP.

...

  1. Navigate to MANAGE> ADMINISTRATION> Tools> Slice Configuration> Single Sign On.
  2. To add an SSO configuration, click the + icon and perform the following actions:                 
    1. Enter the domain name, IdP login URL, and optionally redirect URL for logout.
    2. Copy the entire text from your Signing Certificate and paste it into the Identity Provider Certificate text box.
    3. Enter the email domain in Email Domain Tags text field. The email domain helps decide the ticket URL for outbound communications and the logout URL of the logged in user. You can add multiple email domains separated by semicolon.
    4. Add multiple SSO configurations if your organisation supports more than one email domains.
    5. Create an entry with default Authorization domain information to support domains that do not use SSO.  Set Authorisation Domain to Default_<Slice number> and Email Domain Tags to specific domain or empty. This ensures that default URL (Non SSO URL) is sent in any communication sent out by the system.

...

     5. To enable or disable an SSO, click Enable or Disable according to your choice.

          

6. For the Identity Provider Login URL,

Note: The value for Azure AD https://login.microsoftonline.com/{tenant-id}/saml2 

where {tenant-id} is replaced with your tenant ID. (Find it in the Azure portal under Azure Active Directory > Properties as Directory ID.)

After the Single Sign-On is configured in Intelligent Service Management, the metadata becomes available online. The URL to the metadata file varies for different instances of the application. Consider the following examples:

...