Configure IdP Browser SSO
Browser-based single sign-on (SSO), also known as Browser SSO, relies on a user’s web browser and HTTP requests to broker identity-federation messaging in XML or JSON web token (JWT) between an identity provider (IdP) and a service provider (SP).
Go to Applications → Integration → SP Connections to access an existing or create a new SP connection. For more information, see Accessing SP connections.
From the Browser SSO tab inside your SP connection instance, click Configure Browser SSO and follow the steps below based on your federation protocol.
Many steps involved in setting up a federation connection are protocol-independent. They are required steps for all connections, regardless of the associated standards. For more information, see Federation roles. Some steps are required under the applicable protocol, while others are optional. Still others are required only based on certain selections. The administrative console determines the required and optional steps based on the protocol and dynamically presents additional requirements or options based on selections. The following sections provide sequential information about every step you might encounter while configuring browser-based SSO, depending on the protocol you are using for a particular connection. |
WS-Federation configuration steps
After configuring SSO settings, you will normally need to configure authentication credentials, the range of which depends on your SSO selection. For more information, see Configuring credentials. You might need to complete further configuration tasks for new or modified connections, depending on the selected options on the Connection Options tab.