4.3 Converting SAML 2.0 Service Providers in the Applications Page

In prior releases, Access Manager Appliance allowed you to configure federated authentication using SAML 2.0 to internal and external identity providers, service providers, and embedded service providers (ESPs). For more information, about the prior configuration for service providers, see Configuring SAML 2.0 in the NetIQ Access Manager Appliance 4.3 Administration Guide. This release of Access Manager Appliance provides a way for you to convert the previously configured SAML 2.0 service providers to become a SAML 2.0 application managed through the Applications page.

Converting the service providers gives you the following benefits:

  • Adds the ability to configure access control to the application using roles.

  • Automatically creates an appmark for the application.

If you had created appmarks for the SAML 2.0 service provide, nothing happens to those appmarks. The conversion process only adds a new appmark for the SAML 2.0 application, if you select to create a new appmark.

After you have upgraded to Access Manager Appliance 4.3 the new Applications page displays any service providers you have created in the past. Access Manager Appliance does not convert the service provider until you click on it and save the new configuration options.

To convert a service provider to an application:

  1. Log in to Administration Console as an administrator.

  2. In Administration Console Dashboard, click Administration Tasks > Applications.

  3. Find the service provider you want to convert in the list of applications on the left.

    If the service provide is not converted, then is no menu in the upper right corner of the tile and the image is a default SAML image for all SAML 2.0 service providers.

  4. Click the SAML service provider you want to convert.

  5. Review all of the available options to ensure they are correct.

    NOTE:If you have existing appmarks, Access Manager populates the Roles field with the roles assignments from the existing appmarks. The roles assignments here grant the users accessibility to applications. The role assignments on the appmark grants viability to appmarks for the users.

  6. Click Save to convert the SAML 2.0 service provider to be a SAML 2.0 application.

  7. Click Yes to create a new appmark for this SAML 2.0 application.

    or

    Click No if you do not want a new appmark created for this SAML 2.0 application.

  8. Click the Configuration Panel, then perform an Update All to have the changes take effect.

If you want to make additional changes through the Advanced Setup options, you must save and convert the SAML 2.0 service provider. The Advanced Setup options do not appear until after you have converted the SAML 2.0 service provider to be a SAML 2.0 application.