As an IdP, you manage connection settings to support the exchange of federation-protocol messages (SAML, WS-Federation, or WS-Trust) with an SP or STS client application at your site.
- User attributes that you expect to send in an SSO token (SAML assertion, WS-Trust STS SAML token, or WS-Federation JSON Web Token).
- User attributes that may be sent using the SAML Attribute Query profile (if that profile is used).
- The protocol, profiles, and bindings of the connection, including detailed security specifications (the use of back-channel authentication, digital signatures, signature verification, and XML encryption).
To establish a connection, you and your partner must have decided this information in advance (see Federation planning checklist).
If your agreement includes sending assertions containing attribute values from local data stores, you must define the required data stores (see Managing datastores).
You manage connection settings using the SP Connection wizard, which organizes the settings into a series of primary tasks. Some primary tasks have one or more levels of sub tasks. Each primary or sub task has its own screen, where you manage one or more settings. You may move to a sibling task using the Next or Previous button. If you are on a sub task, you may also move to its parent task using the Done button.
When creating a new connection, you may save your progress using the Save Draft button. Note that not all screens offer this option. When you reach the Activation & Summary screen, you must click Save to complete the new connection.
When editing an existing connection, you may make changes and then click Save to commit your changes. In order words, you are not required to step through all screen to reach the Activation & Summary screen before you can save your changes.
The Save button is available on most screen. If a screen does not show a Save button, click Next or Done until you reach to a screen where you can use its Save button to commit your changes.