Federated Security
Use the Federated Security tab to configure a SAML 2.0 identity provider and WS-Trust security for your Infor Ming.le instance. This feature provides users the option to authenticate to Infor Ming.le using their corporate identity.
The Federated Security SAML 2.0 tab has these options:
Option | Description |
---|---|
SAML 2.0 Enabled | This flag enables or disables federated security using SAML 2.0. When disabled, the Federated Security tab is disabled. |
Display Name | This option is displayed to users during the sign-in process if you allow users to select their own authentication method on the Authentication URL Options tab. |
Display Icon | This option is displayed to users during the sign-in process if you allow users to select their own authentication method on the Authentication URL Options tab. |
Import SAML Metadata | If you have an Identity Provider metadata XML
file available to be uploaded, click
f you have a publicly accessible URL to a Identity Provider metadata XML file, click and enter the metadata XML URL.The XML file is parsed, and the following input fields on this page are automatically completed.
Verify the inputs and add any additional information required. If you are not importing Identity Provider SAML metadata, enter the following information manually. |
and select
the metadata XML file.
Issuer | Enter the SAML issuer entityId. |
Identity Provider Certificate | Select the certificate file. Only *.CER files
are supported.
The certificate is parsed and the Current Certificate and Expiration information are displayed. |
Assertion Consumer Service | Select the type and enter the location of the assertion consumer end point. |
Single Logout Service | Select the type and enter the location of the single logoff end point. |
SAML Identity Type | Select one of these options:
|
SAML Identity Location | Select one of these options:
|
Attribute Name | If you selected Identity is an Attribute element, enter the attribute name. |
Service Provider Information | Click
Infor Ming.le
Service Provider information. This information is displayed:
You also have the option to export the above information as a SAML metadata XML file. Click and save the file. |
to open an
overlay that contains the
JIT User Provisioning Enabled | This flag enables or disables Just In Time Provisioning. When enabled, the trusted federated security identity provider allows users to be created at the time of sign-in. |
First Name Claim | Specify the First Name Claim from your trusted federated security identity provider. |
Last Name Claim | Specify the Last Name Claim from your trusted federated security identity provider. |
Email Address Claim | Specify the Email Name Claim from your trusted federated security identity provider. |
The Federated Security WS-Trust tab has these options:
Option | Description |
---|---|
WS-Trust Enabled | This flag enables or disables WS-Trust. When enabled, it can send security token requests to Security Token Services. |
STS Name | Specify the Security Token Services Name. |
Soap Version | Select the Soap Version from the drop-down menu. |
WS-Trust Version | Select the WS-Trust Version from the drop-down menu. |
Service End Point | Specify the Service End Point. |
Client Authentication | Select Basic or Digest, provide the user name and password. When is Client CER, provide the PFX file and password. | from the drop-down menu. When the is