Step 1 - Configure SAML Application
Step 2 - Provide Metadata to Cirrus
Step 3 - Add the Additional IdP to Discovery
This document outlines the steps required to configure a Cirrus Proxy Connector for customer service providers. In this use case you need to integrate your proxy with an additional identity provider (IdP) that is not in InCommon or eduGAIN. You will need to coordinate communication with the owner of that IdP.
First, the owner of the additional IdP will create a new SAML integration in their primary identity provider with the Proxy Connector as the service provider. Your Cirrus Technical Implementation Lead will provide you with the values specific to your Proxy Connector. You will pass this information to the owner of the IdP, who will configure the SAML Application and send you the metadata. You will then send this metadata back to Cirrus and we will load it. Once it is loaded, you will coordinate testing and troubleshooting for that IdP with the IdP owner.
In this step, you will work with the additional IdP owner to add the Service Provider configuration. Your Technical Implementation Lead will provide you with the following information specific to your proxy connector.
For identity providers that accept metadata, you should just need the metadata. For others, you may need to manually configure and add the information above.
Next you will add attributes. The list of attributes will be customized to what is needed for your proxy setup and the requirements of the additional identity provider.
Once the additional IdP owner provides the metadata URL for the SAML Application created in the previous step, please send it to your Technical Implementation Lead or support@cirrusidentity.com. We will then load the metadata.
Now that the metadata has been loaded, you will add the additional IdP to the discovery screen for your proxy. See the ‘Configuring Identity Providers’ section of the Cirrus Discovery Documentation.
Once the additional IdP is available on the proxy discovery screen, you can test your integration. Please try logging into a service provider with the additional IdP. If you run into any issues, please generate a SAML Trace and send it to your Technical Implementation Lead.