Modifying the Authentication Card for SAML 1.1

When you create an identity provider, you must also configure an authentication card. After it is created, you can modify it.

  1. Click Devices > Identity Servers > Edit > SAML 1.1 > [Identity Provider] > Authentication Card.

  2. Modify the following values as needed:

    ID: If you have need to reference this card outside of the user interface, specify an alphanumeric value here. If you do not assign a value, Identity Server creates one for its internal use. The internal value is not persistent. Whenever Identity Server is rebooted, it can change. A specified value is persistent.

    Text: Specify the text that is displayed on the card to the user. This value, in combination with the image, must identify to the users, which provider they are logging into.

    Login URL: Specify an Intersite Transfer Service URL.The URL has the following format, where idp.sitea.novell.com is the DNS name of the identity provider, idp.siteb.novell.com is the name of the service provider, and idp.siteb.novell.com:8443/nidp/app specifies the URL that you want to users to access after a successful login.

    NOTE:The PID in the login URL must exactly match the entity ID specified in the metadata.

    https://idp.sitea.novell.com:8443/nidp/saml/idpsend?PID=https://idp.siteb.novell.com:8443/nidp/saml/metadata&TARGET=https://idp.siteb.novell.com:8443/nidp/app

    For information, see Specifying the Intersite Transfer Service URL for the Login URL Option.

    If your identity provider is a Access Manager Identity Server and you know the ID specified for the target, you can use the following simplified format for the Login URL:

    <URL for site a>?id=<ID of target>
    https://idp.sitea.novell.com:8443/nidp/saml/idpsend?id=206test

    The target and the target ID are specified in the service provider configuration at the identity provider. See Configuring an Intersite Transfer Service Target for a Service Provider.

    Image: Specify the image to be displayed on the card.

    Show Card: Determine whether the card is shown to the user, which allows the user to select and use the card for authentication. If this option is not selected, the card is only used when a service provider makes a request for the card.

  3. Click OK > OK.

  4. Update Identity Server.