After you create and enable a SAML authenticator so that Access Point can be used as an identity provider, you can generate SAML metadata on that back-end system and use the metadata to create a service provider on the Access Point appliance. This exchange of data establishes trust between the identity provider (Access Point) and the back-end service provider, such as View Connection Server.

Prerequisites

Verify that you have created a SAML authenticator for Access Point on the back-end service provider server.

Procedure

  1. Retrieve the service provider SAML metadata, which is generally in the form of an XML file.

    For instructions, refer to the documentation for the service provider.

    Different service providers have different procedures. For example, you must open a browser and enter a URL such as: https://connection-server.example.com/SAML/metadata/sp.xml

    You can then use a Save As command to save the Web page to an XML file. The contents of this file begin with the following text:

    <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ...
  2. In the Access Point admin UI Configure Manually section, click Select.
  3. In the Advanced Settings section, click the SAML Server Provider Settings gearbox icon.
  4. In the Service Provider Name text box, enter the service provider name.
  5. In the Metadata XML text box, paste the metadata file you created in step 1.
  6. Click Save.

Results

Access Point and the service provider can now exchange authentication and authorization information.