Identity provider - SAML
- Kiss, Mate
- Fenyvesi, Gabor
AVAILABLE IN 9.7.6 AND LATER
Overview
Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
AD FS configuration for VFC SAML Identity Provider
Azure configuration for VFC SAML Identity Provider
Configuration
| Item | Description |
|---|---|
| Name | The name of the Identity provider configuration. This can be anything |
| Type | Select SAML. |
| Verba Login ID does not Contain Domain | If the login IDs on the VFC side contain the domain part, then untick this option. |
| Strict (Verify Signatures) | If you VFC to verify the signature of the certificate of the SAML login page, then tick this option. Otherwise, untrusted certificates will be accepted also. |
| Service Provider Entity ID | Provide the URL of the VFC server in the following format: https://server-fqdn/verba |
| Identity Provider ID | AD FS: Provide the URL of the AD FS server in the following format: http://server-fqdn/adfs/services/trust Azure: Provide the Microsoft Entra Identifier. See Azure configuration for VFC SAML Identity Provider step 17. |
| Identity Provider Login URL | AD FS: Provide the URL of the AD FS server in the following format: https://server-fqdn/adfs/ls Azure: Provide the Login URL. See Azure configuration for VFC SAML Identity Provider step 16. |
| Identity Provider Certificate | AD FS: Provide the token signing certificate of the AD FS server. See AD FS configuration for VFC SAML Identity Provider step 21. Azure: Provide the SAML certificate. See Azure configuration for VFC SAML Identity Provider step 14. |
| Sign Authentication Request | Tick this option if you want the VFC side to sign the authentication requests. In this case, the signing certificate also has to be configured on the AD FS / Azure side. |
AD FS
Azure
