This documentation is for WSO2 API Manager 1.7.0 View documentation for the latest release.
Page Comparison - Configuring Single Sign-on with SAML 2.0 (v.42 vs v.43) - API Manager 1.7.0 - WSO2 Documentation

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.



If there are many WSO2 products in your environment, you can configure SSO for the management consoles of all products by changing the SAML2SSOAuthenticator configuration in <PRODUCT_HOME>/repository/conf/security/authenticators.xml file as follows:

  • Set disabled attributes in <Authenticator> element to false
  • ServiceProviderID : In this example, it is the issuer name of the service provider created in step 1
  • IdentityProviderSSOServiceURL : In this example, it is the Identity Server port

    Code Block
    <Authenticator name="SAML2SSOAuthenticator" disabled="false">
                <Parameter name="LoginPage">/carbon/admin/login.jsp</Parameter>
                <Parameter name="ServiceProviderID">carbonserver1</Parameter>
                			<Parameter name="IdentityProviderSSOServiceURL">https://localhost:9444/samlsso&lt;samlsso</Parameter>
                <Parameter name="NameIDPolicyFormat">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</Parameter>

    Make sure the <priority> of the SAML2SSOAuthenticator is less than that of the BasicAuthenticator handler. See here for more information.