If you change the base URL of the Identity Server, all service providers, including Embedded Service Providers, need to be updated so that they use the new metadata:
If you change the base URL of Identity Server, all Access Manager devices that have an Embedded Service Provider (ESP) need to be updated so that new metadata is imported. To force a re-import of the metadata, configure the device so it does not have a trusted relationship with Identity Server, update the device, reconfigure the device for a trusted relationship, then update the device. The following steps explain how to force Access Gateway to re-import the metadata of Identity Server.
On the Home page, click Access Gateways > Edit > Reverse Proxies/Authentication.
Select None for the Identity Server Cluster option.
Click OK > OK, and update Access Gateway.
Click Edit > Reverse Proxies/Authentication.
Select an Identity Server configuration for the Identity Server Cluster option.
Click OK > OK, and update Access Gateway.
If you have set up federation with another provider over the SAML 2.0 or WS Federation protocol and you change the base URL of Identity Server, you need to update the provider with the new metadata to reestablish the trusted relationship. If the provider is another Identity Server, follow the procedure below to update the metadata; otherwise, follow the provider’s procedures.
On the Home page, click Applications > Select a Cluster > [application name] > [Protocol] > [Provider] > Metadata.
Click Reimport Metadata.
Follow the steps in the wizard.
For more information, see Section 2.8.7, Managing Metadata.