Configure SiteMinder as SAML Identity Provider
Configure SiteMinder as a SAML identity provider by completing the following steps.
You must have a SiteMinder account.
Configure SiteMinder settings
When configuring SiteMinder, you will use the default values for most options. You will also need the following Auth0-related values in the configuration steps below:
Assertion Consumer Service URL:
HTTP-Redirect binding for SAML Request
HTTP-POST binding for SAML Response
Log into SiteMinder.
Open the SAML Service Provider Dialog.
Provide an appropriate name for this service provider.
NameIdentifier. There are many ways of generating this for users authenticating with SiteMinder. Typically you will map this value to one of the user properties in the User Directory as
Configure the service provider general SAML properties:
Setting Description SP ID
SAML Version 2.0 Skew Time: 30 seconds
Configure the Assertion Consumer Service URL which is the location where SiteMinder will POST back the SAML token. This Service Provider (YOUR_TENANT) only supports the
HTTP-POSTbinding for SAML Responses. Use:
Check the HTTP-Post box.
Configure additional user properties to send in the token. Add any other properties you wish to share about the authenticated user to this Service Provider. Common values are:
email address, and so on. This Service Provider will use the
NameIdentifierdefined previously as a unique handle of the user. These attributes will be treated as reference information.
Enter the SLO Location URL:
(Optional) The service provider supports encryption of assertions. To use this option, do the following to download the Service Provider public key certificate.
In the Auth0 Dashboard, click on Connections and then Enterprise.
Click on SAMLP Identity Provider.
Click on the setup icon (pencil).
In the window which appears, the seventh (last) bullet gives you links to download the .pem or .cer format certificate.
Download the desired certificate and add it to the SiteMinder Policy Server Keystore.