Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 15 Next »

Login as Administrator

Setup (under your username) -> Security Controls (Left Nav under Administrative Setup) -> Single Sign-on Settings

Click the edit button, then check the SAML enabled box.

Enter the following information (but change "auth" to "auth-test" or "auth-dev" if linking a test or development application to Shibboleth's test or development instance):

Option

Value

SAML Version

2.0

Identity Provider Certificate

get it here:
auth.yale.edu [production] or
auth-test.yale.edu [test]  or
auth-dev.yale.edu [development] auth.yale.edu.crt

Identity Provider Login URL

https://auth.yale.edu/idp/profile/SAML2/POST/SSO

Custom Error URL

leave empty

SAML User ID Type

Assertion contains the Federation ID from the User object

SAML User ID Location

User ID is in the NameIdentifier element of the Subject statement

Entity Id

https://saml.salesforce.com

Issuer

https://auth.yale.edu/idp/shibboleth

Identity Provider Logout URL

leave blank

It should look like this..

SAVE!

Please email your entire "Salesforce.com Login URL" to idp.yale@panlists.yale.edu, ITS needs this url to add to the IdP for SSO to work. This will take a short amount of time to push to the production IdP so please request this a few days before the site go live date.

Thats it... almost... check out how to manage access to the site to select netids, here.

  • No labels