Copy of General SAML2 SP-installation guide

Last modified by aulaskar@helsinki_fi on 2025/02/04 06:55


Install an HTTPS certificate for the service (for example from Terena). Configure an NTP service to keep the server time correct.

Set the SAML2 entityId, for example https://thenameofyourcertificate/saml

Set the support contact email address in the metadata to something reasonable.


Install the signed metadata of login.helsinki.fi from https://login.helsinki.fi/metadata/sign-hy-metadata.xml

To check the signature, use the certificate at https://login.helsinki.fi/metadata/sc/sign-login.helsinki.fi.crt

Make sure the metadata is reloaded automatically.
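One way to combine the three metadata steps above for an SP that reads IdP metadata from a local file. This is an added example, not part of the original guide or any login.helsinki.fi tooling. It assumes curl and xmlsec1 are installed, and the local paths are hypothetical. It also assumes the signing certificate was downloaded once, checked out of band and stored locally, so each refresh is verified against that pinned copy.

```shell
#!/bin/sh
# Added example: refresh IdP metadata and fail closed on a bad signature.
METADATA_URL="https://login.helsinki.fi/metadata/sign-hy-metadata.xml"
# Hypothetical local paths; adjust to where your SP expects them.
SIGNING_CERT="${SIGNING_CERT:-/etc/saml/sign-login.helsinki.fi.crt}"
METADATA_FILE="${METADATA_FILE:-/var/cache/saml/sign-hy-metadata.xml}"

fetch_metadata() {   # $1 = file to write the download to
    curl --fail --silent --show-error --proto '=https' --max-time 30 \
        -o "$1" "$METADATA_URL"
}

verify_signature() { # $1 = candidate metadata file
    # xmlsec1 must be told which element carries the ID attribute;
    # pick it from the document (aggregate or single entity).
    if grep -q 'EntitiesDescriptor' "$1"; then
        root=EntitiesDescriptor
    else
        root=EntityDescriptor
    fi
    xmlsec1 --verify --pubkey-cert-pem "$SIGNING_CERT" \
        --id-attr:ID "urn:oasis:names:tc:SAML:2.0:metadata:$root" \
        "$1" >/dev/null 2>&1
}

refresh_metadata() {
    # Temp file next to the target so the final rename is atomic.
    tmp=$(mktemp "${METADATA_FILE}.XXXXXX") || return 1
    if fetch_metadata "$tmp" && [ -s "$tmp" ] && verify_signature "$tmp"; then
        chmod 644 "$tmp"
        mv -f "$tmp" "$METADATA_FILE"
        return 0
    fi
    # Download failed, was empty, or did not verify: keep the last good copy.
    rm -f "$tmp"
    echo "metadata refresh rejected; keeping previous copy" >&2
    return 1
}

# Schedule from cron or a systemd timer as: sh refresh-metadata.sh run
if [ "${1:-}" = "run" ]; then refresh_metadata; fi
```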


Configure the user attributes we are sending. We can provide you with the exact names.

When everything is configured, send us your SAML2 metadata so we can add it to the trusted list of our login server.


Lastly, configure logout from the site and from the login server. One of the attributes we send gives the location of the login server, as we might have several of those.