Identity Provider Setup

On the Identity Provider Setup tab of the module, you can configure your Drupal site as a SAML 2.0 Identity Provider. In this tab, you need to provide the Service Provider metadata to establish trust between the IdP and SP, which is required to enable SSO. Once configured, Drupal can authenticate users and securely share identity information with connected Service Providers.

You can provide the Service Provider metadata in three different ways.

  1. Upload the Service Provider Metadata file
  • Upload the Service Provider Metadata file to automatically import the SP configuration details and establish trust between the Identity Provider and the Service Provider.
  • To upload a file, navigate to the Identity Provider Setup tab and click the +Add Service Provider button.
  • Expand the Upload SP Metadata section, click Choose File, and upload the SP metadata file.
  • Click the Upload button.
  2. Using Service Provider Metadata URL
  • This option allows you to provide the URL of the Service Provider metadata so the module can fetch and configure the Service Provider details.
  • For this, navigate to the Identity Provider Setup tab and click the +Add Service Provider button.
  • Expand the Upload SP Metadata section, enter the SP metadata URL in the Upload Metadata URL textbox, and click the Fetch Metadata button.
  3. Manual
  • This option allows you to manually configure the Service Provider by entering details provided by the SP, such as the SP Entity ID or Issuer, NameID format, ACS URL, SAML Logout URL, and X.509 certificate.

  • Navigate to the Identity Provider Setup tab, provide the necessary information from your SP, and click the Test Configuration button.

    | SP Attributes | Description |
    |---|---|
    | Service Provider Name | Enter a name for the Service Provider. |
    | SP Entity ID or Issuer | A unique identifier assigned to the Service Provider. The module uses it to recognize SAML authentication requests. |
    | NameID Format | Determines how users from the Service Provider are identified and mapped to Drupal users by the Identity Provider during SSO. |
    | ACS URL | The Service Provider endpoint where the Identity Provider sends the SAML response after successful user authentication. |
    | Logout Request HTTP Binding | Decides how the logout request is sent from the IdP to the SP. 1. HTTP-Redirect: sends the logout request as a URL parameter via browser redirects. 2. HTTP-POST: sends the logout request in a POST request. |
    | SAML Logout URL | The Service Provider's Single Logout (SLO) endpoint where the Identity Provider sends logout requests or responses to terminate the user's session. |
    | Relay State | The parameter that specifies where the user will be redirected after SSO. |
    | X.509 Certificate Value | The Service Provider's public certificate, used by the IdP to verify signed SAML requests. |
    | Response Signed | Enable this option if you want a signed SAML response. |
    | Assertion Signed | Enable this option if you want a signed SAML assertion. |
    | Encrypted Assertion | Enable this option if you want an encrypted assertion, and then provide the certificate used for encryption. Please note that not all SPs support encrypted assertions. |
  • After successful test configuration, click Save Configuration.
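
For the manual option, the values to enter can be read from the SP's metadata XML before typing them in. The following Python sketch is an added example, not code from the module: the function name `sp_fields`, the sample metadata, and the host `sp.example.test` are assumptions made for illustration. It maps standard SAML 2.0 metadata elements to the field names in the table above and flags endpoints that are not HTTPS.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}
BINDINGS = "urn:oasis:names:tc:SAML:2.0:bindings:"

# Constructed sample metadata; sp.example.test and the certificate text are placeholders.
SAMPLE = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://sp.example.test/saml">
 <md:SPSSODescriptor WantAssertionsSigned="true"
     protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>PLACEHOLDER CERT</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:SingleLogoutService Binding="{BINDINGS}HTTP-Redirect"
     Location="http://sp.example.test/saml/slo"/>
  <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
  <md:AssertionConsumerService index="0" Binding="{BINDINGS}HTTP-POST"
     Location="https://sp.example.test/saml/acs"/>
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def sp_fields(metadata_xml):
    """Map SP metadata to the manual-setup fields; return (fields, warnings)."""
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("DTD or entity declaration in metadata; refusing to parse")
    root = ET.fromstring(metadata_xml)
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: not Service Provider metadata")
    acs = next((e for e in sp.findall("md:AssertionConsumerService", NS)
                if e.get("Binding") == BINDINGS + "HTTP-POST"), None)
    slo = sp.find("md:SingleLogoutService", NS)
    key = next((k for k in sp.findall("md:KeyDescriptor", NS)
                if k.get("use") in (None, "signing")), None)  # no "use" means both purposes
    cert = key.findtext(".//ds:X509Certificate", "", NS) if key is not None else ""
    fields = {
        "SP Entity ID or Issuer": root.get("entityID"),
        "NameID Format": sp.findtext("md:NameIDFormat", "", NS).strip() or None,
        "ACS URL": acs.get("Location") if acs is not None else None,
        "Logout Request HTTP Binding": slo.get("Binding")[len(BINDINGS):] if slo is not None else None,
        "SAML Logout URL": slo.get("Location") if slo is not None else None,
        "x.509 Certificate Value": "".join(cert.split()) or None,
        "Assertion Signed": sp.get("WantAssertionsSigned") == "true",
    }
    warnings = [f"{k} is not https" for k in ("ACS URL", "SAML Logout URL")
                if fields[k] and urlparse(fields[k]).scheme != "https"]
    warnings += [f"{k} not found in metadata" for k, v in fields.items() if v is None]
    return fields, warnings
```

Comparing this output with what the SP administrator sent you, and with the values shown after using the upload or URL option, helps catch a wrong ACS URL or certificate before saving the configuration.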