Service Provider Setup

  • Uploading SP Metadata

    You can upload your SP metadata by clicking on the Upload SP Metadata button which provides you with two options in the Service Provider Settings section:

    • Choose the .xml file containing the metadata from your device and upload it.

    DNN SAML IDP - DNN as SAML Identity Provider - Upload SP Metadata

    • If your service provider provides a metadata endpoint, then you can enter the metadata URL of your service provider and click on Fetch Metadata.

    DNN SAML IDP - DNN as SAML Identity Provider - Fetch SP Metadata

  • Manual Configuration

    You can manually provide your SP metadata URLs in the Service Provider Settings section.

    • SP Entity ID or Issuer
    • Audience URI (Optional)
    • ACS URL (The URL where SAML response needs to be posted not the login URL)
    • X.509 Certificate from the SP (If a Signed Login/Logout Request will be posted from SP)

    DNN SAML IDP - DNN as SAML Identity Provider - Manual SP Configuration

When you are configuring the DNN SAML 2.0 IDP Module, you will be given the option to get your SAML request in the Signed Requests option, and to post the SAML response with the “Encrypted Assertion” or/and “Signed Assertion”, or/and “Signed Response”.

Enabling these settings adds another layer of security to your SSO process as the Response and Assertion will be digitally signed using the default signing and encryption certificate present in the module.

Note: This option is present in the Premium and Enterprise.