Home Content Services Core Share Core Share Enterprise Single Sign On

Part 1: Authentication Setup

Karen WeirKaren Weir ModeratorEM admin
edited October 30, 2015 in Single Sign On
image

Single Sign On (SSO) Authentication Setup with OpenText Core

1.  Under "Admin" click "SSO" and then "Configure" to set up your identity provider (IdP) metadata. 

image

2. Enter your IdP metadata URL or upload the XML file.  

Your metadata file should be located at:

"https://<your_domain>/FederationMetadata/2007-06/FederationMetadata.xml"

Make sure you are accessing through HTTPS.  Alternatively, you can upload the XML file with the metadata.

image


3.  Download the OpenText Core XML file or copy the XML URL to your clipboard.


image


4.  On your organization's Active Directory Federation Services or IdP, navigate to "Trust Relationships" then "Relying Party Trusts" and click "Add Relying Party Trust".


image


5.  In the "Add Relying Part Trust Wizard", paste the metadata URL that you copied to the clipboard or specify the OpenText Core file that you downloaded earlier.


image
image



6.  Click "next" and enter OpenText Core as the "Display Name".   Click "Next" through the end and click "Finish".

There are no further values to modify or enter at this time.


7.  Right click the OpenText Core Service which was just created and select "Edit Claim Rules".


image



8.  In the "Edit Claim Rules" dialog, select "Send LDAP Attribute as Claims" and then select "Active Directory" as the "Attribute Store".

Finally, map "E-Mail Addresses" as an LDAP attribute to "E-Mail Address" as an Outgoing Claim Type


image

Click "Finish"



9.  Add a second rule to "Transform an Incoming Claim".  Set the "Incoming Claim Type" as "E-Mail Address"  then the "Outgoing Claim Type" as "Name ID" and finally, "Outgoing Name ID Format" as "E-Mail".


image

Click "Finish".




Karen Weir
Forum Moderator
OpenText

Sign In or Register to comment.