Service Provider parameters
A set of parameters has to be configured for the portal to act as the Service Provider (SP).
| Parameter | Required/Optional | Description |
|---|---|---|
| Service provider entity ID | Required | The ID of the service provider. It can be any name, but it has to match the name on the IdP side. |
| Name ID format | Required | The Name ID identifies the subject of communication between the portal and IdP. The following Name ID formats are supported. It is recommended to use the persistent format. Persistent user names ensure that the identity between the portal and IdP never changes. |
| SP X.509 private key | Optional | This key is used to sign requests to the IdP, as well as to decrypt responses from it. The key entry has to contain the BEGIN PRIVATE KEY header and END PRIVATE KEY footer. If no key is supplied, the portal does not sign requests or process any encrypted responses from the IdP. For more information about the private key, see Message encryption. |
| SP X.509 certificate | Optional | This certificate is used to validate the outgoing request signatures from the portal to the IdP, as well as to validate and decrypt responses. The certificate entry has to contain the BEGIN CERTIFICATE header and the END CERTIFICATE footer. The signing key for this certificate should be included in SP X.509 private key. If no certificate is supplied, the portal does not sign requests or process any encrypted responses from the IdP. |
| Requested Authentication Context | Required | Specifies the comparison operator in the authentication context request from the portal (SP) to the IdP. The following operator values are valid. |
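
The header and footer requirements for the two optional X.509 entries can be checked before the values are pasted into the portal. The following is an added example, not part of the portal or its documentation; the function names are hypothetical and the sample PEM entries are constructed placeholders, not real keys. It checks only the format rules stated in the table and does not verify that the private key belongs to the certificate.

```python
import base64
import binascii
import re

PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END ([A-Z0-9 ]+)-----", re.S)

def check_pem(entry, expected):
    """Return the problems found in one PEM entry; an empty list means it passed."""
    m = PEM_RE.search(entry)
    if not m:
        return [f"no BEGIN {expected} header / END {expected} footer found"]
    begin, body, end = m.groups()
    problems = []
    if begin != expected or end != expected:
        # e.g. PKCS#1 "RSA PRIVATE KEY" or "ENCRYPTED PRIVATE KEY" pasted by mistake
        problems.append(f"armor is BEGIN {begin} / END {end}, expected {expected}")
    try:
        der = base64.b64decode("".join(body.split()), validate=True)
    except (binascii.Error, ValueError):
        return problems + ["body is not valid base64"]
    if der[:1] != b"\x30":  # PKCS#8 keys and X.509 certificates are both DER SEQUENCEs
        problems.append("decoded body does not start with a DER SEQUENCE tag")
    return problems

def lint_sp_credentials(private_key="", certificate=""):
    """Lint the two optional SP fields (hypothetical helper) before saving them."""
    private_key, certificate = private_key.strip(), certificate.strip()
    if not private_key and not certificate:
        return ["no key or certificate: requests are unsigned and "
                "encrypted responses are not processed"]
    findings = []
    if not private_key or not certificate:
        # Per the table, a missing key or a missing certificate each disables signing.
        findings.append("only one of key/certificate supplied: "
                        "signing and decryption stay disabled")
    if private_key:
        findings += [f"private key: {p}" for p in check_pem(private_key, "PRIVATE KEY")]
    if certificate:
        findings += [f"certificate: {p}" for p in check_pem(certificate, "CERTIFICATE")]
    return findings

def make_pem(label, der=b"\x30\x03\x02\x01\x00"):
    """Constructed sample: wraps placeholder DER bytes (not a real key) in PEM armor."""
    body = base64.b64encode(der).decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"

if __name__ == "__main__":
    print(lint_sp_credentials(make_pem("PRIVATE KEY"), make_pem("CERTIFICATE")))
    print(lint_sp_credentials(make_pem("RSA PRIVATE KEY"), make_pem("CERTIFICATE")))
    print(lint_sp_credentials(make_pem("PRIVATE KEY")))
```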