Previous Topic: Create the Local IdP to Remote SP PartnershipNext Topic: Select Federation Users

Single Sign-On ServiceSSO Getting Started GuideSSO using a Third-party IdP and Self-registrationConfigure Federated PartnershipsCreate the Local IdP to Remote SP PartnershipIdentify the Partnership

Identify the Partnership

Follow these steps:

  1. Select Federation, Partnership Federation, Partnerships.
  2. Click Create Partnership.
  3. Select SAML2 SP -> IdP.

    Selecting this option indicates that you are the local SP and that the IdP is a remote partner.

    You come to the first step in the partnership wizard.

  4. Complete the following fields
    Partnership Name
    Local SP

    Select the local SP. Example: cloudhost.ca.com.

    Remote IdP

    Select the remote ID. For example, Facebook.com

    Skew Time (Seconds)

    Accept the default

    The skew time is the difference between the system time on the local system and the system time on the remote system. Usually, the inaccuracy of system clocks causes this condition. Determine the skew time number by subtracting the number of seconds from the current time.

    The system uses the skew time and the SSO validity duration to determine how long an assertion is valid.

  5. Move the cloud host directory from the Available Directories list to the Selected Directories list.

    If you configure only one user directory, that directory is automatically placed in the Selected Directories list.

  6. Click Next to go to the Federation User step.

Note: If you are editing a partnership, you can click Get Updates next to this field to update the entity information. The latest information from the entity configuration is propagated to the partnership. However, if you edit the entity information directly from the partnership, the changes do not get propagated back to the individual entity configuration.