Service Provider Setup


You can upload your identity provider's metadata in two ways:

  • Uploading Metadata

    You can upload your IdP metadata by clicking on the Upload IDP Metadata which provides you two options:

    1. You can upload the XML file of your identity provider SAML 2.0 metadata.

    2. You can provide us the link to the metadata of your identity provider.

    DNN SAML Single Sign-On (SSO) - DNN SAML SSO - Upload IDP Metadata

    Note: If the identity provider (IdP) metadata is changed you will be again required to provide us with the changes.

  • Manual Configuration

    You can manually provide your IdP credentials where you need to provide the required settings and save them.

    • identity provider Name

    • IdP Entity ID or Issuer

    • SAML Login URL (The URL where SAML request needs to be posted not the login URL)

    • X.509 Certificate from the IDP

    DNN SAML Single Sign-On (SSO) - DNN SAML SSO - Uploading IDP Metadata via manual configuration

Test Configuration: After you provide your IdP’s metadata URL, you Save it and go to Test Configuration. There a new window will open which will display either of the following configuration status:-

  1. Configuration successful – with user attributes.

  2. Error message – if any configuration error is sent by IdP.

DNN SAML Single Sign-On (SSO) - DNN SAML SSO - Testing DNN SAML SSO

When you are configuring your IdP, you will be given two options to send your SAML request in the Sign SSO & SLO Requests option.

Enabling these settings adds another layer of security to your SSO process as the SSO and SLO requests will be digitally signed using the default signing and encryption certificate present in the plugin. You can also use your own custom certificate for this instead.

Note: This option is present in the Premium and Enterprise.

You can select any of these options to send your SAML Request if your IDP supports the selected methods.

  1. HTTP-Post binding type
  2. HTTP-Redirect binding type

While configuring, it also provides the feature to add a Single Logout URL. But, this feature will only work if your IDP supports Single logout. Here also you can select the option of binding type to send your request.

Note: This option is present in the Premium and Enterprise.