Service Provider Setup

Hello there!

Need Help? We are right here!

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Your Contact E-mail

What are you looking for

How can we help you?

Service Provider Setup

Uploading Metadata

You can upload your IdP metadata by clicking on the Upload IDP Metadata which provides you two options:
1. You can upload your Identity Provider metadata using the XML file.
2. You can use the metadata URL of your Identity Provider to upload metadata.
Note: If the IdP metadata is changed you will be again required to provide us with the updated metadata.
Manual Configuration

You can manually configure your IdP metadata where you need to have the following settings and save them.
- identity provider name
- IdP Entity ID or Issuer
- SAML Login URL (The URL where SAML request needs to be posted not the login URL)
- X.509 Certificate from the IDP

Auto Creation of Users

Users who are authenticated from the Identity Provider side but are not present in the nopCommerce site will be created automatically with the profile attributes mapped.

nopCommerce SAML Single Sign-On (SSO) - nopCommerce SAML SSO - Auto Creation of SSO users

Test Configuration: After you configure your IdP’s metadata, you SAVE it and go to Test Configuration. There a new window will open which will display either of the following configuration status:-

Configuration successful – with user attributes.
Error message – if any configuration error is sent by IdP.

nopCommerce SAML Single Sign-On (SSO) - nopCommerce SAML SSO - Testing nopCommerce SAML SSO

When you are configuring your IdP, you will be given an option to send the signed SAML SSO and SLO Requests.

Enabling this option adds another layer of security to your SSO and SLO process as the SSO/SLO request will be digitally signed using the default signing and encryption certificate present in the plugin. You can also use your own custom certificate for this instead.

Note: This option is present in the Premium and Enterprise.

You can select any of these options to send your SAML Request if your IDP supports the selected methods.

HTTP-Post binding type
HTTP-Redirect binding type

While configuring, it also provides the feature to add a Single Logout URL. But, this feature will only work if your IDP supports Single logout. Here also you can select the option of binding type to send your request.

Note: This is present in all our plugins from the Premium plan onwards.