...
Click the edit button, then check the SAML enabled box.
There are three instances of Shibboleth at Yale (production, test, and development). Changes to production take time to schedule, while test can be updated in an hour and development can be updated in minutes. To avoid delay, you may want to configure a new application to use test Shibboleth (on auth-test.yale.edu) right now and reconfigure it to use production Shibboleth after there has been time to refresh the production instance. If your application also has development and test instances you might configure them to use dev and test Shibboleth. However, if you just want to configure once and you have only one Salesforce instance, then use production (auth.yale.edu) and be prepared to wait until the next change management cycle updates production Shibboleth.
Enter the following information (but change "auth" to "auth-test" or "auth-dev" if linking a test or development application to Shibboleth's test or development instance):
Option | Value |
|---|---|
SAML Version | 2.0 |
Identity Provider Certificate | get it here: |
Identity Provider Login URL | |
Custom Error URL | leave empty |
SAML User ID Type | Assertion contains the Federation ID from the User object |
SAML User ID Location | User ID is in the NameIdentifier element of the Subject statement |
Entity Id | |
Issuer | |
Identity Provider Logout URL | leave blank |
...