Home > User Interface > Configuration > Policy Configuration > Authentication Sources > Internal > SAML
|
Menu path: Configuration > Policies and Access Control > Authentication Sources > Internal > SAML.
The Security Assertion Markup Language (SAML) is an open standard based on XML for exchanging authentication and authorization data. It was initially designed to support single sign-on for web browsers. The fields in a SAML authentication source definition are:
| Field Name | Usage | Example |
|---|---|---|
| Name | The name of the authentication source. | SAML auth |
| Description | Optional description of the source. | Corporate SAML authentication |
| Service Provider Entity ID | The identifier of the Service Provider (A3). This must match the Identity Provider configuration. | |
| Path to Service Provider Key | The URI for the service provider's x.509 private key. The key generated at installation time is in /usr/local/A3/conf/ssl/server.key. The key can be changed in Configuration> System Configuration> SSL Certificates > HTTPS. | /usr/local/A3/conf/ssl/server.key |
| Identity Provider entity ID | The identifier of the Identity Provider. | IDP_ENTITY_ID |
| Path to Identity Provider Metadata | The URI for the identity provider's metadata. | /usr/local/A3/conf/ldp-metadata.xml |
| Path to Identity Provider Certificate | The URI for the identity provider's certificate. | /usr/local/A3/conf/ssl/ldp.crt |
| Path to Identity Provider CA cert (x509) | The URI for the identity provider's certificate authority (CA) certificate. | /usr/local/A3/conf/ssl/ldp-ca.crt |
| Attribute of the User Name in the SAML response | The attribute that contains the username in the SAML assertion returned by the Identity Provider. | urn:oid:0.9.2342.19200300.100.1.1 |
| Authentication Source | The authentication source to be used for authorization. Choose from the sources defined in Authentication Sources. | local |
Note
The files listed in the example are located within A3's operating system. Modification to these can require the use of the A3 CLI, which is outside the scope of this help system.Copyright © 2021 Extreme Networks. All rights reserved. Published April 2021.