Federation Guides › Partnership Federation Guide › Authentication Context Processing (SAML 2.0) › Configure an Authentication Context Template › Set up an Authentication Context Template

Set up an Authentication Context Template

Set up an authentication context template to implement authentication context processing. This procedure is the same for an Identity Provider or Service Provider.

Follow these steps:

1. Log in to the Administrative UI.
2. From the Federation tab, select AuthnContext Templates.

   The View Authentication Context Templates window opens.

3. Select Create Template.

   The template wizard opens at the first step.

4. Enter a name for the template.
5. Complete one of the following actions:
   • Manually enter a URI and click Add URI.
   • Click Load Default URIs to select URIs from a predefined list. Move URIs from the Available URIs to the Selected URIs list.
6. Arrange the selected URIs by strength level. The strength level is in descending order, with the strongest URI at the top and the least strong at the bottom.
7. Click Next.
8. (Optional) Group URIs that require the same level of strength indenting one URI under the previous URI. Use the Change Grouping arrow to move a URI into or out of a group.
9. For SiteMinder Connector deployments only:
   1. Click Enable Protection Levels.
   2. Map the protection levels from a CA SiteMinder® authentication scheme to the URIs. CA SiteMinder® protection levels indicate the strength of an authentication scheme, ranging between 1 through 1000, with 1000 being the strongest. Individual URIs can have unique protection levels; however, grouping URIs means that they have the same level of strength.

      Consider the following information when assigning protection levels:

      • Assign the protection levels in descending order. List the strongest context at the top and the weakest context at the bottom.
      • You can modify the maximum protection level and the Administrative UI calculates the minimum. The Administrative UI verifies that there is no gap in the range of levels so that each protection level has an associated URI.

   Read more about protection level assignments.

10. Click Next to move to the last step of the wizard.
11. Select Finish to confirm the configuration.

The template is complete.