4.3 Converting SAML 2.0 Service Providers in the Applications Page

In prior releases, Access Manager allowed you to configure federated authentication using SAML 2.0 to internal and external identity providers, service providers, and embedded service providers (ESPs). For more information, about the prior configuration for service providers, see Configuring SAML 2.0 in the NetIQ Access Manager 4.3 Administration Guide. This release of Access Manager provides a way for you to convert the previously configured SAML 2.0 service providers to become a SAML 2.0 application managed through the Applications page.

Converting the service providers gives you the following benefits:

  • Adds the ability to configure access control to the application using roles.

  • Automatically creates an appmark for the application.

If you had created appmarks for the SAML 2.0 service provide, nothing happens to those appmarks. The conversion process only adds a new appmark for the SAML 2.0 application, if you select to create a new appmark.

After you have upgraded to Access Manager 4.3 the new Applications page displays any service providers you have created in the past. Access Manager does not convert the service provider until you click on it and save the new configuration options.

To convert a service provider to an application:

  1. Log in to Administration Console as an administrator.

  2. In Administration Console Dashboard, click Administration Tasks > Applications.

  3. Find the service provider you want to convert in the list of applications on the left.

    If the service provider is not converted, then there is no menu in the upper right corner of the tile and the image is a default SAML image for all SAML 2.0 service providers.

  4. Click the SAML service provider you want to convert.

  5. Review all of the available options to ensure they are correct.

    NOTE:If you have existing appmarks, Access Manager populates the Roles field with the roles assignments from the existing appmarks. The roles assignments here grant the users accessibility to applications. The role assignments on the appmark grants visibility to appmarks for the users.

  6. Click Save to convert the SAML 2.0 service provider to be a SAML 2.0 application.

  7. Click Yes to create a new appmark for this SAML 2.0 application.

    or

    Click No if you do not want a new appmark created for this SAML 2.0 application.

  8. Click the Configuration Panel, then perform an Update All to have the changes take effect.

After you have converted a SAML 2.0 service provider to be a SAML 2.0 application, the Advanced Setup links appear in each configuration section. You can use these links to view or edit additional settings not displayed in the Applications page of converted applications.