Configure openIG to re-direct to Service Provider

This topic has 2 replies, 2 voices, and was last updated 5 months, 1 week ago by Jatinder Singh.

  • Author
    Posts
  • #27911
     aanandsri
    Participant

    Hi Team,

    I am new to OpenIG and need your help to implement my use case.
    I have configured FR AM as IDP and AWS as SP. SAML is working fine.

    http://sso.test.com:8080/SSO/saml2/jsp/idpSSOInit.jsp?realm=demo&metaAlias=/demo/idp&spEntityID=urn:amazon:webservices

    Assertion attribute : 
    RoleSessionName=mail

    Now, I have deployed my IG instance http://openig.test.com:8083 and want to route my SAML request through IG.
    Could you please help me in writing my routes on IG

    Thanks

    #27916
     aanandsri
    Participant

    Please suggest

    #27918
     Jatinder Singh
    Participant

    Is your IG instance proxying AM or your SP app?

    If you plan to put IG in front of AM to proxy SAML2 calls e.g. AuthNRequest going through IG before it hits AM – it will be tricky as IG being a SAML2 proxy is not supported out of the box as far as I know.

    Now if your goal is to set-up an IDP Proxy – you can still do that by standing an AM instance that would act as an IDP proxy. You can check out the below links on this topic:

    https://backstage.forgerock.com/knowledge/kb/article/a89932600
    https://backstage.forgerock.com/knowledge/kb/article/a14745791

    Hope this helps!

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?