Generate SAML Metadata So That Connection Server Can Be Used as a Service Provider

After you create and enable a SAML authenticator for the identity provider you want to use, you might need to generate Connection Server metadata. You use this metadata to create a service provider on the Unified Access Gateway appliance or a third-party load balancer that is the identity provider.

Prerequisites

Verify that you have created a SAML authenticator for the identity provider: Unified Access Gateway or a third-party load balancer or gateway.

Procedure

Open a new browser tab and enter the URL for getting the Connection Server SAML metadata.
https://connection-server.example.com/SAML/metadata/sp.xml
In this example, connection-server.example.com is the fully qualified domain name of the Connection Server host.

This page displays the SAML metadata from Connection Server.
Use a Save As command to save the Web page to an XML file.
For example, you could save the page to a file named connection-server-metadata.xml. The contents of this file begin with the following text:
```
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ...
```

What to do next

Use the appropriate procedure on the identity provider to copy in the Connection Server SAML metadata. Refer to the documentation for Unified Access Gateway or a third-party load balancer or gateway.