Adding a service provider

To add a service provider:

  1. Click Add new item.
  2. Select the Application Type as assigned to the application during the application registration process.
  3. Depending upon the protocol selected during registration, complete this information:
    For WS FED:
    Display Name
    The user friendly name given to the service provider.
    Entity ID
    The entity ID is the unique identifier for the service provider in the WS-Federation protocol. The entity ID must be unique in the environment across tenants.
    SSO Endpoint
    The URL where the federation hub issues the assertion, as part of the WS-Federation protocol.
    For SAML:
    Display Name
    The user friendly name given to the service provider.
    Entity ID
    The entity ID is the unique identifier for the service provider in the SAML 2.0 protocol. The entity ID must be unique in the environment across tenants.
    SSO Endpoint
    Binding: The binding being used to deliver the SSO response from the federation hub to the service provider being configured: HTTP Post

    URL: The URL where the service provider received the SSO response from the federation hub as part of the SAML 2.0 protocol.

    SLO Endpoint
    Binding: The binding being used to deliver the SLO request from the federation hub to the service provider being configured:
    • HTTP Post
    • HTTP URL Redirect

    URL: The URL where the service provider receives the SLO request from the federation hub as part of the SAML 2.0 protocol.

    Signing Certificate
    The certificate used by the service provider to sign the SLO response. This certificate is mandatory. Only sha-256 certificates are accepted.
    Secondary Signing Certificate
    The alternate certificate used by the service provider to sign the SLO response. This certificate is optional.
    Note: 

    This allows rotation of the signing certificate by the service provider without down time.

    Name ID as Identity2
    Defines the content of the name ID on the assertion.

    When enabled, the Name ID holds the Identity 2 value.

    When disabled, the Name ID holds a transient value.

  4. Click Save.