IdP Connector Configuration Guide : Idaptive¶
BIG-IP as SAML SP Configuration¶
This document describes the configuration for an external IDP Connector using an IDP Connector template in the Guided Configuration SAML Service Provider workflow. Follow the steps below to configure Idaptive:
- Logon to the BIG-IP user interface and click .
- Select the Federation category.
- Select the SAML Service Provider to configure BIG-IP as a SAML Service Provider.
- Review the Required Configuration information and complete the following required steps before you configure the External IDP Connector.
- Provide the Service Provider details.
- Provide the Virtual Server configuration details.
- After you configure the External IDP connector, configure the Pool Settings and (optional) Endpoint Check and SSO settings.
External IDP Connector Configuration in Guided Configuration¶
Saml SP configuration supports only one IDP Connector for a Service Provider.
- On the External Identity Provider Connector Settings screen, select the Template method.
- Select the Identity Provider from the provided set. You can search for Idaptive in the Search bar. If a template for your application is not available, you can use the options Metadata or Custom, and configure the Identity Providers accordingly.
Select Idaptive and click Add. Specify a name for the connector.
IDP Connector Specific Properties¶
- To configure Idaptive provide following inputs:
- SSO URL : Provide the SSO URL configured in Idaptive. The URL should be in a format like this example: https://abcd0100.my.idaptive.com/applogin/appKey/1234abcde-51c9-461c-a3bf-1234abcde/customerId/abcd0100
- Entity ID / SAML Issuer URL : Provide the Issuer URL configured in Idaptive. The entity ID should be in the format https://cloud.idaptive.com/SAML/appspecificName.
Advanced Connector Settings¶
If the basic settings do not provide the information you need to configure, show Advanced Settings by clicking Show Advanced Settings.
- Select POST/Redirect as your Single Sign-on Service Binding.
- Specify whether the Identity Location is Subject or Attribute.
- Select Yes to sign Authentication requests, and select the appropriate signing algorithm.
- Select Yes if you want to detach the signature when using the redirect binding.
- Click Save & Next. Complete the subsequent steps.
Deploy the Configuration¶
- Deploy the configuration from the Summary screen.
- To retrieve the metadata for this configuration, navigate to .
- Select the SAML SP object created by your workflow, and click Export Metadata.
- Use the SAML metadata file to configure the Service Provider configuraton in the external Identity Provider Administration console.
Setup Idaptive as SAML Identity Provider¶
Refer to Idaptive documentation to set it up as SAML Identity Provider.
Test the configuration¶
- To test the configuration, click on the link Click to test configuration on the Summary page.
- Provide test user credentials, and verify that the access to the backend application succeeds.