Setting up as a service provider

1. To configure the Passport service as an service provider (SP) in your identity provider (IDP), complete the following steps:

   a. Download the SP metadata from the passport service at the following path and save it as an XML file:

   <YOUR_ENVIRONMENT’S_BASE_URL>/passportsvc/api/saml/metadata b. In your IDP, configure the SP with the Passport Service XML file you saved.

2. To configure your IDP in the Passport Service, contact the platform support team with the following information:

   • The name of the IDP you want to render when a user logs in

   • SAML XML metadata or a URL that contains SAML XML metadata

   • To map SAML response user information to a platform user, provide the following user attribute name mappings:

     • EmailAddress

     • FirstName

     • LastName

       For more information on user attribute names, see the table in Step 1 of Setting up the platform as an identity provider.

   Note: When the IDP registers with the platform, the platform support team will notify you. After this step, users can log in with the IDP.

3. Optional: To synchronize user information between multiple systems for automated provisioning and deprovisioning with the SCIM protocol, use the platform passport service APIs to invoke the SCIM API. For more information on SCIM, see SCIM protocol information synchronization.