SAML Authentication Reference

SAML Settings for Signer Authentication

The enhanced SAML support is available since:

Before you start the configuration please have a look at the following sample for the federation metadata file and the authentication request file:

Please note the following information (SaaS): Please make sure that the communication with your identity provider is not being blocked.


The settings for the signer authentication can be found in the section "Identity Providers".  There you can add a provider for the SAML signer authentication. Just click on "Add Provider" to configure the settings.

SAML Settings Overview

For the settings you need a name for the provider, the federation metadata file (can either be uploaded via file or URI) and the Authn Request Token. Please also see the next figure:

SAML Settings For Signer Authentication

  1. Upload the "Federation Metadata" xml file.
  2. After uploading the "Federation Metadata" xml file, a new "Upload" button should appear, for "Authn Request Token"
  3. Upload the "authentication request" XML file.
  4. Click on the "+" to show the available attributes
  5. Click the big "+" sign to choose among the various mapping/identification attributes (eSAW currently supports E-Mail, Sid and Username)
  6. Click the "Update" button to update the provider configuration.
  7. Enable the newly created provider
  8. Download the service provider by clicking on the download button next to "Service Provider Metadata".
    1. Please trust the generated Service Provider Metadata file

After all those configurations you can add the authentication for the signer on the "Create Envelope" page.

Selected SAML For Signer Authentication

SAML Settings for User Authentication

The settings for the user authentication can be found in the section "Identity Providers".  There you can add a provider for the SAML user authentication. Just click on "Add Provider" to configure the settings. 

SAML Settings For User Authentication

You can share the authentication with all organizations. To allow this just enable the "Shared with all organizations".

  1. Upload the "Federation Metadata" xml file.
  2. After uploading the "Federation Metadata" xml file, a new "Upload" button should appear, for "Authn Request Token"
  3. Upload the "authentication request" XML file.
  4. Click on the "+" to show the available attributes
  5. Click the big "+" sign to choose among the various mapping/identification attributes (eSAW currently supports E-Mail, Sid and Username)
  6. Click the "Update" button to update the provider configuration.
  7. Enable the newly created provider
  8. Download the service provider by clicking on the download button next to "Service Provider Metadata".
    1. Please trust the generated Service Provider Metadata file
  9. After the configuration of the user authentication you can add this authentication to a user. In the section "Users" you must select a user, add the provider and add the value for the mapping field. For more information please also see the next figure:
  10. Selected SAML For User Authentication
  11. Please pass through an email ID (any other fields are not necessary)