Service Providers can be added and removed from the "SAML 2.0-based Single Sign-On" page.
Follow the instructions below to add a new Service Provider.
1. Sign in. Enter your user name and password to log on to the Management Console as described here for Windows users and here for Linux users.
2. Click the "Main" button to access the "Manage" menu.
3. From the "Main" menu, select "SAML SSO" under "Manage."
4. The following points should be taken into consideration when adding a service provider:
- Issuer - The issuer value specified in the SAML Authentication Request issued by the Service Provider.
- Assertion Consumer URL - The URL of the assertion consumer service of the service provider.
- Enable Signature Validation in Authentication Requests and Logout Requests - Enabling this option will make sure that the integrity is protected in all of the authentication and logout requests that WSO2 Cloud Identity SSO Service receives.
- Certificate Alias - If signature validation is enabled, the public key of the service provider is required to perform signature validation of SAML Tokens. Thus, the public key of the service provider should be imported to the keystore and pointed to the certificate using its alias.
- Custom Logout URL - This URL will be used in Single Logout.
Specify the options and click on the "Add" button.
5. A new Service Provider is displayed in the list above.