Federation Security Services GuideIdentify Service Providers for a SAML 2.0 Identity Provider › Configure Identity Provider Discovery Profile (optional)

Previous Topic: Guidelines for the Single Logout Confirmation Page

Next Topic: Encrypt a NameID and an Assertion

Configure Identity Provider Discovery Profile (optional)

The Identity Provider Discovery Profile enables the Service Provider to determine which Identity Provider a principal is using with the Web browser single sign-on profile.

This profile is useful in federated networks that have more than one Identity Provider, and it enables Service Provider to determine which Identity Provider a principal is using. This profile is implemented using a cookie domain that is common to the Identity Provider and the Service Provider and contains a list of Identity Providers.

To enable the Identity Provider Discovery Profile

  1. Check the Enable checkbox.

    The fields on the tab become active.

  2. Fill-in the fields and click OK.

    Note that the Service URL field should be set to the Identity Provider Discovery Profile servlet, which is:

    https://<host:port>/affwebservices/public/saml2ipd

Copyright © 2010 CA. All rights reserved. Email CA about this topic