This configuration supports:
A SAML IdP service is a type of single sign-on (SSO) authentication service in Access Policy Manager (APM). When you use a BIG-IP system as a SAML identity provider (IdP), a SAML IdP service provides SSO authentication for external SAML service providers (SPs). You must bind a SAML IdP service to SAML SP connectors, each of which specifies an external SP. APM responds to authentication requests from the service providers and produces assertions for them.
A SAML service provider connector (an SP connector) specifies how a BIG-IP® system, configured as a SAML Identity Provider (IdP), connects with an external service provider.
You can use one or more of these methods to configure SAML service provider (SP) connectors in Access Policy Manager®.
Setting up a BIG-IP® system as a SAML identity provider (IdP) system involves two major activities:
This flowchart illustrates the process for configuring a BIG-IP® system as a SAML identity provider (IdP) that provides an SSO portal.
You associate the access profile with the virtual server so that the system can apply the profile to incoming traffic.