Federated Identity Provider Wizard
The Federated Identity Provider Wizard adds or edits an identity provider in the Federated Gateway.
Step 1: Enter Provider Information
This step of the wizard lets you specify a name for the Federated Identity Provider and select which credential source types to allow.
Configure this step as follows:
- Provider Name: Enter the name of the Federated Identity Provider. This name appears in the [Identity Providers] tab.
- Credential Source Type Allowed:
  - Select X.509 Certificate if using X.509 certificates for credential authorization.
  - Select SAML Token if using a Require SAML Token Profile assertion for credential authorization.
- Security Zone: Optionally choose a security zone. To remove this entity from a security zone (security role permitting), choose "No security zone". For more information about security zones, see Understanding Security Zones. This control is hidden if either: (a) no security zones have been defined, or (b) you do not have Read access to any security zone (regardless of whether you have Read access to entities inside the zones).
Step 2: Select the Trusted Certificates
This step lets you add trusted certificates to be used by the Federated Identity Provider.
To add an existing certificate:
- Click [Add]. The Search Trusted Certificates dialog appears.
- Optionally specify a Subject DN or Issuer Name to filter the search.
- Click [Search]. The results appear in the Search Results list.
- Select one or more certificates to add, then click [Select].
You are warned if you select a trusted certificate already in use by another Federated Identity Provider. If this was intentional and your policies allow this, click [OK] to continue with the duplicates. Otherwise, click [Cancel] and specify another certificate.
To remove a certificate:
- Select the certificate to remove.
- Click [Remove]. The certificate is removed immediately.
To view details about a certificate:
- Select the certificate to view.
- Click [Properties]. The certificate details are displayed. You cannot modify any of the certificate properties.
To add a new certificate:
- Click [Create]. The Add Certificate Wizard appears.
- Complete the wizard to create the new certificate.
Step 3: Certificate Validation
This step lets you specify how certificates for this Federated Identity Provider should be validated.
By default, the method defined for Identity Providers in the Manage Certificate Validation dialog is used. To override this default, choose another validation option from the drop-down list.
For a description of each option, see Manage Certificate Validation.