Set up SAML2 assertion

For SAML2 assertions, you must download your site's preferred SAML metadata for the IdP, and store it locally to generate requests.

Spectrum Technology Platform uses this SAML metadata (XML) to generate SAML login and logout requests:

spectrum.sso.IdP.identityProviderMetadataPath=LocalPath/ADFSv2.0-FederationMetadata.xml

The service provider generates its own SAML2 metadata, which can be used to verify that Spectrum Technology Platform is configured properly as a service provider:

spectrum.sso.sp.serviceProviderMetadataPath=localpath/SP-FederationMetadata.xml

The IdP requires a relying party, which is generally the service provider information. Spectrum Technology Platform must generate an identifier that the IdP recognizes. This identifier is added to the SAML request that Spectrum Technology Platform sends to the IdP. The IdP is already configured with the same identifier:

spectrum.sso.sp.serviceProviderEntityId=YourIdentifierForRelyingParty

This helps the IdP verify that requests come from a trusted party. For example:

https://US-5H19PH2-10.pbi.global.pvt/AD FS/trust
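
A sanity check for the two metadata files and the relying-party identifier described above. This is an added example, not part of the product or its documentation. The hosts, certificate placeholder and identifier are constructed sample values, and the https and DTD checks are extra hardening assumed here rather than product requirements.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def load_entity(xml_text):
    if "<!DOCTYPE" in xml_text:  # SAML metadata never needs a DTD
        raise ValueError("DTD not allowed in SAML metadata")
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("root element is not md:EntityDescriptor")
    return root

def check_idp(xml_text):
    """Return a list of problems found in the IdP metadata."""
    idp = load_entity(xml_text).find("md:IDPSSODescriptor", NS)
    if idp is None:
        return ["no IDPSSODescriptor: this is not IdP metadata"]
    problems = []
    for name in ("SingleSignOnService", "SingleLogoutService"):
        urls = [e.get("Location", "") for e in idp.findall("md:" + name, NS)]
        if not urls:
            problems.append("no %s endpoint" % name)
        problems += ["%s not https: %s" % (name, u) for u in urls
                     if not u.startswith("https://")]
    keys = [k for k in idp.findall("md:KeyDescriptor", NS)
            if k.get("use") in (None, "signing")]  # no 'use' means any use
    if not any(k.find(".//ds:X509Certificate", NS) is not None for k in keys):
        problems.append("no signing certificate")
    return problems

def check_sp(xml_text, props):
    """Compare the SP metadata entityID with the configured identifier."""
    want = props.get("spectrum.sso.sp.serviceProviderEntityId")
    got = load_entity(xml_text).get("entityID")
    return [] if got == want else ["entityID %r != configured %r" % (got, want)]

# Constructed sample inputs, trimmed to the elements the checks read.
IDP_XML = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/trust">
 <IDPSSODescriptor><KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
  <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
  </KeyDescriptor><SingleSignOnService Location="https://idp.example.test/ls/"/>
  <SingleLogoutService Location="http://idp.example.test/ls/"/>
 </IDPSSODescriptor></EntityDescriptor>"""
SP_XML = '<EntityDescriptor xmlns="%s" entityID="https://spectrum.example.test/sp"/>' % NS["md"]
PROPS = {"spectrum.sso.sp.serviceProviderEntityId": "https://spectrum.example.test/sp"}
print(check_idp(IDP_XML), check_sp(SP_XML, PROPS))
```

In practice, read the files named by spectrum.sso.IdP.identityProviderMetadataPath and spectrum.sso.sp.serviceProviderMetadataPath and pass their contents to these functions.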