This documentation is for WSO2 API Manager 1.7.0 View documentation for the latest release.
Page Comparison - Configuring Single Sign-on with SAML 2.0 (v.42 vs v.43) - API Manager 1.7.0 - WSO2 Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

If there are many WSO2 products in your environment, you can configure SSO for the management consoles of all products by changing the SAML2SSOAuthenticator configuration in <PRODUCT_HOME>/repository/conf/security/authenticators.xml file as follows:

  • Set disabled attributes in <Authenticator> element to false
  • ServiceProviderID : In this example, it is the issuer name of the service provider created in step 1
  • IdentityProviderSSOServiceURL : In this example, it is the Identity Server port

    Code Block
    languagexml
    <Authenticator name="SAML2SSOAuthenticator" disabled="false">
            <Priority>10</Priority>
            <Config>
                <Parameter name="LoginPage">/carbon/admin/login.jsp</Parameter>
                <Parameter name="ServiceProviderID">carbonserver1</Parameter>
                			<Parameter name="IdentityProviderSSOServiceURL">https://localhost:9444/samlsso&lt;samlsso</Parameter>
                <Parameter name="NameIDPolicyFormat">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</Parameter>
    </Config>

    Make sure the <priority> of the SAML2SSOAuthenticator is less than that of the BasicAuthenticator handler. See here for more information.