Configure the Partnership Entities

After establishing the user directory connection, you should identify the local and remote sides of the partnership. In the Federation Manager UI, each partner is referred to as an entity.

The following procedures tell you what values to provide for the local and remote entities. In a real network configuration, however, each side commonly creates its local entity, exports it to a metadata file, and then exchanges the files so that each side can define the remote entity.

To create the Local IdP

  1. From the Federation tab, select Entities.

    The View Federation Entities window opens.

  2. Click Create Entity.

    The Create Entity dialog displays.

  3. Make the following selections in the first step of the entity wizard then click Next.
    Entity Location

    Local

    New Entity Type

    SAML2 IDP

  4. Complete the fields in the second step of the wizard as follows then click Next.
    Entity ID

    idp1

    This value identifies the entity to the partner.

    Entity Name

    idp1

    This value identifies the entity object internally in the Federation Manager database. The partner is not aware of this value.

    Base URL

    http://idp1.example.com:9090

    Leave the other settings as they are.

    Note: The Entity Name can be the same value as the Entity ID, but in that case the value must not be shared with any other entity at the site.

  5. Review the settings in the last step and click Finish.

You return to the View Federation Entities window. Next, configure the remote partner.

To create the Remote SP Entity

  1. Begin at the View Federation Entities window.
  2. Click Create Entity in the Federation Entity List.

    The Create Entity dialog displays.

  3. Make the following selections in the first step of the entity wizard then click Next.
    Entity Location

    Remote

    New Entity Type

    SAML2 SP

  4. Complete the fields in the second step of the wizard as follows then click Next.
    Entity ID

    sp1

    This value identifies the entity to the partner.

    Entity Name

    sp1

    This value identifies the entity object internally in the Federation Manager database. The partner is not aware of this value.

    Assertion Consumer Service URL Group Box
    Index

    0

    Binding

    HTTP-Post

    URL

    http://sp1.demo.com:9091/affwebservices/public/saml2assertionconsumer

    Default

    Select the checkbox in this column for the entry row.

    Leave the other settings as they are.

  5. Review the settings in the last step and click Finish.

The remote SP entity is configured.
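When the partners exchange metadata files instead of typing values by hand, the remote SP values entered above can be read from the SP's exported file and checked before they go into the wizard. The following is an added example, not part of the Federation Manager product or its documentation: the function name read_sp_metadata, the sample XML and the HTTPS and DTD checks are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed sample: what the SP side might export for the sp1 entity on this page.
SP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="sp1">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://sp1.demo.com:9091/affwebservices/public/saml2assertionconsumer"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def read_sp_metadata(xml_text):
    """Return the remote SP entity values plus warnings to resolve with the partner."""
    # Partner-supplied XML is untrusted input: refuse DTDs and entity declarations.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("metadata must not contain a DTD")
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("not a SAML 2.0 EntityDescriptor")
    sp = root.find(f"{{{MD}}}SPSSODescriptor")
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not an SP entity")
    entity = {"entity_id": root.get("entityID"), "acs": []}
    warnings = []
    for el in sp.findall(f"{{{MD}}}AssertionConsumerService"):
        acs = {
            "index": int(el.get("index")),
            "binding": el.get("Binding"),
            "url": el.get("Location"),
            "default": el.get("isDefault", "false").lower() in ("true", "1"),
        }
        entity["acs"].append(acs)
        # Assertions posted to a plain-HTTP endpoint are readable in transit.
        if not acs["url"].lower().startswith("https://"):
            warnings.append(f"ACS index {acs['index']} is not HTTPS: {acs['url']}")
    if not entity["acs"]:
        warnings.append("no AssertionConsumerService endpoints")
    elif sum(a["default"] for a in entity["acs"]) > 1:
        warnings.append("more than one ACS entry is marked default")
    return entity, warnings


if __name__ == "__main__":
    entity, warnings = read_sp_metadata(SP_METADATA)
    print(entity)
    for w in warnings:
        print("WARNING:", w)
```

With the sample values from this page the script returns Entity ID sp1 with one HTTP-POST endpoint at index 0 marked as default, and one warning because the sample ACS URL uses http://.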

After the local and remote entities are configured, you can create a partnership.