RapidIdentity Product Guide

Configure a Service Provider for SAML SSO

This Quick Start will help you configure a new Service Provider for single sign-on federated with your RapidIdentity Tenant Identity Provider (IdP). Users access the web-based service through an Applications icon in the RapidIdentity Portal.

Prerequisites

The IdP must be configured in RapidIdentity and the Service Provider Application must be configured to use the RapidIdentity IdP. Refer to Setting up Federation in the Administrative User Guide for detailed configuration information.

  1. From the Configuration menu, select Identity Providers.

  2. From the Security section in the left menu items, click the caret to expand the Identity Providers menu and select Federation Partners.

  3. From the Federation Partners workspace, select SAML 2.0 from the Add Federation Partner selector.

  4. The Community-SAML Relying Parties workspace will launch. If the Federation Partner is listed in the Community, select the relying party from the workspace for auto-configuration. Refer to the Reference Material on the Community for additional information: RapidIdentity Community SAML Relying Party Configuration.

    1. The Community contains basic configuration information to automatically register commonly used SAML Relying Parties. Before manually adding a new SAML Relying Party, search the Community for the entry, as the Community will be updated on an ongoing basis with new SAML Relying Parties.

  5. If the Relying Party is not in the list, click Create New SAML Relying Party+.

  6. Enter the Name and optional Description, and paste the Metadata that was obtained from the Service Provider/Federation Partner.

  7. Click SSO Settings to expand the options. If you select the Enable ECP Settings checkbox, those options will display. Refer to the Reference Material for details on SAML SSO / ECP Settings and Attribute Mapping.

  8. Click Save to add the SAML 2.0 Partner.

  9. From the Federation Partners workspace, select to Edit the entry.

  10. Click Choose an Attribute to DENY or PERMIT.

  11. Click to expand the drop-down of available attributes to deny or permit mapping.

    1. If the attribute is not available in the list, click the [icon]. The Add New Attribute window will load. Select the attribute type from the drop-down and click Create.

      1. Based on the type of attribute being added, different menu options will display.

      2. After the attribute has been added, Permit or Deny the mapping, as in step 12.

  12. Select to Permit or Deny the attribute mapping.

  13. Click Save to add the attribute to the selected Federation Partner.

    1. A confirmation notice will display if updates are successful.

  14. Click Trigger Service Reload to activate the new attributes for the Federation Partner.
