Creating an SP connection

  1. Navigate to the SP Connection page from the STS Panel page. Click the SP connection count in the circle.
  2. To create an SP connection, use one of these methods:
    • Manually add an SP connection by clicking Add.
    • Import a metadata file by clicking Import from file.
    • Import a metadata file from a URL by clicking Import from URL. This URL must be accessible from the server on which the STS user interface is running.
  3. Specify this information:
    Display Name
    A human-readable name for your application.
    Partner Entity ID
    This should be the entity ID of your service provider.
    Description
    A human-readable description for your service provider.
    IFS Application Type
    This is used to determine what claims to send, through integration with the IFS Claims Service.
    Connection Endpoints
    A list of endpoints for your application.
    • Endpoint Type: SAML applications must have two endpoints, at minimum: an ACS and an SLO endpoint. WS-Federation applications must have one WSFED endpoint.
    • Endpoint Binding: Binding used by the SP for this endpoint. STS supports POST and REDIRECT. This is applicable only for SAML; WS-Federation connections do not have a binding and use POST by default.
    • Endpoint URL: Complete URL for this endpoint.
    Primary Signing Certificate
    This should be a file in .cer format.
    Secondary Signing Certificate
    A secondary token signing certificate.
    Signature Algorithm
    The algorithm used by your application to sign requests. Supported algorithms are SHA1 and SHA256. SHA256 is strongly recommended.
    Sign Response
    Whether the STS should sign responses sent to this service provider. This option is selected by default and cannot be edited.
    Sign Assertion
    Whether the STS should sign assertions sent to this service provider.
    Include Key Info
    Whether the key information should be included in the signature. This option is selected by default.
    Name Identifier Format
    Qwerty
    Authentication Context Class
    URIs that specify authentication methods in SAML authentication requests.