This documentation is for WSO2 Identity Server 5.1.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. After adding the client application as a service provider in the primary Identity Server instance, navigate to the Main menu and click List under Service Providers. Click Edit next to the service provider you created.
  2. Expand the Local & Outbound Authentication Configuration section. Here we set the travelocity client to use the primary IS instance and the identity provider named 'Secondary' also as its identity provider. For this we have to add authentication steps. 

    1. Click Advanced Configuration and from next UI, click Add Authentication Step
    2. Under Local Authenticators add the “basic” authenticator by selecting it from the combo box and clicking Add Authenticator
    3. Under Federated Authenticators select “Secondary” and add it.
    4. Click Update to save your changes.
  3. Click Update to save changes to your service provider configurations. Now when you log in to the client application it can select either the primary IS instance or secondary IS instance as the identity provider and therefore has access to both user spaces.
  4. Go to https://localhost:9443/carbon, the primary IS instance, and create a user named 'primaryuser' and set the password as 'primepass'.
  5. Go to https://localhost:9444/carbon, the secondary IS instance and create a user named 'secondaryuser' and set the password as 'secondpass'.
  6. Test your application. 
    1. After copying the "travelocity.war" file to the <TOMCAT_HOME>/webapps directory, run the Tomcat server. 
    2. Go to http://localhost:8080/ This is the client application.

    3. Since we are using SAML for authentication, click the link in the first line. 
    4. In the resulting screen, log in with the username 'primaryuser' and the password 'primepass' for authentication as a local user in the primary IS instance.

      If you wish to authenticate a user in the secondary IS instance which is the secondary IdP, click “Secondary” under Other login options. In the resulting screen, log in using the username “secondaryuser' and password 'secondpass'. These credentials were created in the secondary IS instance.