Question
PEGA SSO implementation with SAML 2.0
Hello, I Need help to answer the below questions. These are for a Pega project and for the SSO implementation with SAML 2.0. Many thanks.
===> Compatibility with the Security Assertion Markup Language (SAML), open and standardized protocol based on XML *
To exchange authentication and authorization information between security entities or domains
1- Which mode of SSO SAML the application supports, IdP-initiated or SP-initiated SSO.
===== > SP-initiated
2- What are the user attributes expected by the application.
===== >
3- What is the format of the "NameID" (identifier in the federation) supporting the application and what information is expected in this attribute.
===== >
4- Does the application wait until the entire SAML response of the IdP is signed or only the assertion (format of the XML message)
===== >
5- Is the encryption of the attributes and / or the assertion required?
===== >
***Updated by Moderator: Marissa to update categories***
6- Are you considering sending us a complete metadata file or a simple url
With possibly a public certificate to check the signatures of SAML messages?
===== >
Hi, who should be generating the self signed certificate for the SP?
What is your IDP? please read this runbook: https://pdn.pega.com/documents/ca-single-sign-federation-runbook. Even if this is for CA SSO IDP, the main procedure would be similar. You should work closely with your IDP admin to go through the SAML setup process. If you run into any issues, please report your specific issues here or through service requests.