ActiveMatrix BPM: SAML Web Profile Configuration
Use the fields on this screen to configure ActiveMatrix BPM to use SAML Web Profile to authenticate users of ActiveMatrix BPM applications.
This screen contains a subset of the available SAML Web Profile configuration parameters. All other SAML Web Profile configuration parameters contain default values, and can be modified post installation using TIBCO ActiveMatrix Administrator. For information about all of the available parameters, see "Using ActiveMatrix Administrator to Create a SAML Web Profile Shared Resource" in TIBCO ActiveMatrix BPM Single Sign-On.
Field / Option | Description |
---|---|
Entity ID | A unique ID that identifies the service provider and application that has been registered with an IdP. This must match the ID that was configured at the IdP. |
IDP Metadata URL | The HTTP URL of the metadata file that was returned by the IdP when your application was registered with the IdP. You cannot specify a file path or a "file://xx/xx" URL; the value can only be specified as an HTTP URL. |
Authentication Successful URL | The URL to which the user is redirected after being authenticated by the IdP. This must be: http://host:port/openspace/sso/bpmssoapp.html where host is the DNS name or IP address of the server that hosts the ActiveMatrix BPM runtime, and port is the port used by the application. Although the Authentication Successful URL is used for all ActiveMatrix BPM applications, the response from the IdP is routed to the appropriate ActiveMatrix BPM application based on an interceptor script (bpm-sso-interceptor.min.js) that is included in the application that submitted the request to the IdP (for more information about the interceptor script, see "Using SAML Web Profile Authentication with Custom Applications" in TIBCO ActiveMatrix BPM Single Sign-On). |
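
A pre-installation check of the three field values against the constraints in the table above, as an added example that is not part of the TIBCO documentation. The function name, the sample values and the acceptance of https alongside http are assumptions.

```python
from urllib.parse import urlsplit

SUCCESS_PATH = "/openspace/sso/bpmssoapp.html"  # path required by the table above
WEB_SCHEMES = ("http", "https")  # assumption: https is accepted as well as http


def check_saml_fields(entity_id, idp_metadata_url, auth_success_url):
    """Return a list of problems found in the three installer field values."""
    problems = []

    # Entity ID: must be present and is compared verbatim with the ID at the IdP,
    # so stray whitespace from copy and paste is flagged.
    if not entity_id or entity_id != entity_id.strip():
        problems.append("Entity ID is empty or has leading/trailing whitespace")

    # IDP Metadata URL: an HTTP URL, never a file path or a file:// URL.
    meta = urlsplit(idp_metadata_url.strip())
    if meta.scheme.lower() not in WEB_SCHEMES or not meta.hostname:
        problems.append("IDP Metadata URL must be an HTTP URL, not a file path or file:// URL")

    # Authentication Successful URL: http://host:port/openspace/sso/bpmssoapp.html
    ok = urlsplit(auth_success_url.strip())
    try:
        port = ok.port  # raises ValueError for a non-numeric or out-of-range port
    except ValueError:
        port = None
    if ok.scheme.lower() not in WEB_SCHEMES or not ok.hostname or port is None:
        problems.append("Authentication Successful URL needs a scheme, host and port")
    if ok.path != SUCCESS_PATH or ok.query or ok.fragment:
        problems.append("Authentication Successful URL must end in " + SUCCESS_PATH)
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    for problem in check_saml_fields(
        "bpm-sp-example",
        "file:///opt/idp/metadata.xml",
        "http://bpm.example.test/openspace/sso/bpmssoapp.html",
    ):
        print("PROBLEM:", problem)
```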