SAML Authentication Reference
SAML Settings for Signer Authentication
Note (SaaS): Please make sure that communication with your identity provider is not being blocked.
The settings for the signer authentication can be found in the section "Identity Providers". There you can add a provider for the SAML signer authentication. Just click on "Add Provider" to configure the settings.
For the settings you need a name for the provider, the federation metadata file (provided either as a file upload or via URI) and the Authn Request Token. Please also see the next figure:
- Upload the "Federation Metadata" xml file.
- After uploading the "Federation Metadata" xml file, a new "Upload" button for "Authn Request Token" should appear.
- Upload the "authentication request" XML file.
- Click on the "+" to show the available attributes
- Click the big "+" sign to choose among the various mapping/identification attributes (eSAW currently supports E-Mail, Sid and Username)
- Click the "Update" button to update the provider configuration.
- Enable the newly created provider
- Download the service provider metadata by clicking on the download button next to "Service Provider Metadata".
- Please trust the generated Service Provider Metadata file at your identity provider.
After all those configurations you can add the authentication for the signer on the "Create Envelope" page.
SAML Settings for User Authentication
The settings for the user authentication can be found in the section "Identity Providers". There you can add a provider for the SAML user authentication. Just click on "Add Provider" to configure the settings.
You can share the authentication with all organizations. To allow this, enable the "Shared with all organizations" option.
- Upload the "Federation Metadata" xml file.
- After uploading the "Federation Metadata" xml file, a new "Upload" button for "Authn Request Token" should appear.
- Upload the "authentication request" XML file.
- Click on the "+" to show the available attributes
- Click the big "+" sign to choose among the various mapping/identification attributes (eSAW currently supports E-Mail, Sid and Username)
- Click the "Update" button to update the provider configuration.
- Enable the newly created provider
- Download the service provider metadata by clicking on the download button next to "Service Provider Metadata".
- Please trust the generated Service Provider Metadata file at your identity provider.
- After the configuration of the user authentication you can add this authentication to a user. In the section "Users" you must select a user, add the provider and add the value for the mapping field. For more information please also see the next figure:
- Please pass through an email ID (any other fields are not necessary)