Base Configuration

Metadata for the identity and service providers must be configured to set up the base SAML 2.0 plugin configuration. The metadata contains all necessary information for communication between the providers.

The following is an example of the base SAML 2.0 plugin configuration:

{
    "Name": "Aras.OAuth.Server.Plugins.Saml2Authentication",
    "Enabled": true,
    "Options": [{
        "AuthenticationType": "<AuthenticationType>",
        "DisplayName": "<DisplayName>",
        "ServiceProviderOptions": {
            "EntityId": "<ServiceProviderEntityId>"
        },
        "IdentityProviderOptions": {
            "EntityId": "https://idp.example.com"
        }
    }]
}

Note
Ensure that the JSON is valid. The ',' symbol should appear between configuration sections. Also, ensure that Options is a JSON array with at least one object.

This configuration example lets you specify the following parameters:

  • AuthenticationType: Describes the name of the authentication scheme added to the OAuth server.
  • DisplayName: The label that appears in the Login with dropdown on the Aras Innovator login page.
  • ServiceProviderOptions: The options for configuring the service provider.
      • EntityId: The unique identifier of the service provider (required).
  • IdentityProviderOptions: The options for configuring the identity provider.
      • EntityId: The unique identifier of the identity provider (required). If EntityId is a URL, it can be used by the service provider to load the identity provider metadata. If the metadata is not located by the URL, refer to the Configuring Identity Provider Metadata section to configure the identity provider metadata.
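The following pre-deployment check is an added example, not part of the Aras documentation or product. It applies the rules from the note and the parameter list above (valid JSON, a non-empty Options array, both required EntityId values). The function name, the sample values, and the warning about plain-http metadata URLs are assumptions made for this example.

```python
import json
from urllib.parse import urlparse

def check_saml2_plugin_config(text):
    """Return a list of findings for the plugin configuration text (empty = OK)."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as e:
        # A missing ',' between sections is reported here with its position.
        return [f"invalid JSON at line {e.lineno}, column {e.colno}: {e.msg}"]
    options = cfg.get("Options") if isinstance(cfg, dict) else None
    if not isinstance(options, list) or not options:
        return ["Options must be a JSON array with at least one object"]
    findings = []
    for i, opt in enumerate(options):
        for section in ("ServiceProviderOptions", "IdentityProviderOptions"):
            sec = opt.get(section) if isinstance(opt, dict) else None
            entity_id = sec.get("EntityId") if isinstance(sec, dict) else None
            where = f"Options[{i}].{section}.EntityId"
            if not isinstance(entity_id, str) or not entity_id.strip():
                findings.append(f"{where} is required")
            elif entity_id.startswith("<") and entity_id.endswith(">"):
                findings.append(f"{where} still holds the placeholder {entity_id}")
            elif section == "IdentityProviderOptions":
                scheme = urlparse(entity_id).scheme.lower()
                if scheme == "http":
                    # Assumption of this example: treat unencrypted metadata
                    # retrieval as a finding, since it can be altered in transit.
                    findings.append(f"{where} is a plain-http URL")
                elif scheme != "https":
                    findings.append(f"{where} is not an http(s) URL; identity "
                                    "provider metadata must be configured separately")
    return findings

# Constructed sample: the page's example with placeholder values filled in.
SAMPLE = """{
    "Name": "Aras.OAuth.Server.Plugins.Saml2Authentication",
    "Enabled": true,
    "Options": [{
        "AuthenticationType": "Saml2-Example",
        "DisplayName": "Example IdP",
        "ServiceProviderOptions": {"EntityId": "https://innovator.example.com/sp"},
        "IdentityProviderOptions": {"EntityId": "https://idp.example.com"}
    }]
}"""

if __name__ == "__main__":
    print(check_saml2_plugin_config(SAMPLE) or "no findings")
```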

To make this base configuration work, it is necessary to configure service provider metadata in an identity provider management system after configuring the identity provider metadata (see the description of the EntityId property). For instructions, refer to the Configuring Service Provider Metadata section.

Note
IIS must be restarted after installing the SAML 2.0 authentication plugin.