Configuring federated security
Federated security allows you, as the external entity administrator, to configure an identity provider for your external entity. An identity provider is an additional authentication mode that you can set up for your external entity. This feature provides external users the option to authenticate into Infor Ming.le using their corporate identity.
Suppose you want to store the external entity users information (for example: user name and passwords) outside of Infor Ming.le. In that case, you must perform a federation between your active directory and Infor Ming.le federate in the Federated Security section. Infor depends on the customer's login process to authenticate the user if an identity provider is configured for an external entity. Authentication checks that the user name and password are correct. The identity provider is responsible for storing and maintaining the life cycle of the external user's passwords.
Use the Federated Security page to configure SAML 2.0 identity provider security for your Infor Ming.le instance. This feature provides users the option to authenticate to Infor Ming.le with their corporate identity.
This page displays this information:
- The display name of the federated security
- The issuer of the federated security
- If the federated security is enabled for SAML 2.0
SAML 2.0
The Federated Security SAML 2.0 tab has these options:
Option | Description |
---|---|
Display Name | This option is displayed to users during the sign-in process if you allow users
to select their own authentication method on the Authentication URL
Options page. Note: There is
a limitation on the STS adapter side that causes this option not to accept some
characters.
|
Display Icon | This option is displayed to users during the sign-in process if you allow users to select their own authentication method on the Authentication URL Options page. |
Import SAML Metadata |
|
Issuer | Enter the SAML issuer entityId. |
Identity Provider Certificate |
Select the certificate file. Only *.CER files are supported. The certificate is parsed and the Current Certificate and Expiration information are displayed. |
Assertion Consumer Service | Select the type and enter the location of the assertion consumer end point. |
Single Logoff Service | Select the type and enter the location of the single logoff end point. |
Assertion Identity Key | This specifies the field from the incoming assertion used to identify the
user. Select one of these options:
Attribute Name – This is where the claim uri is entered. |
EE user lookup field | This specifies which value from the external entity user definition is being used to identity the user. The administrator can use the drop-down to select a user property. |
Service Provider Information | Click Infor Ming.le Service Provider information. This
information is displayed:
|
to open an overlay that
contains the