ForgeRock Identity Cloud as a SAML 2.0 Identity Provider

Configure ForgeRock Identity Cloud as a SAML Identity Provider using ForgeRock Identity Gateway as SAML Service Provider.


Use case 1: Use ForgeRock Identity Cloud as a SAML 2.0 IDP

Use case 2: Use Identity Gateway as a SAML 2.0 SP

Design your solution

Simplified Architecture

Set up the network

Configure the Fedlet

Configure ForgeRock Identity Cloud

Create a test user

Creating new user
New user example
Set values for additional attributes
Attribute mapping
Log in to realm
Successful landing page

Configure Federation

AM Native Console
Circles of Trust
New Circle of Trust

Set up the Service Provider

Entity Providers
New SP Entity
Newly created SP

Configure your Identity Provider.

Create hosted IDP
New Hosted Entity Provider
Attribute Mapper
Final attribute map
Don’t forget to Save!

Export your IDP settings.

Configure IG

Set up SAML folder with fedlet files

Remove BaseURI

Allow static resources to pass through

Pass through css etc

Configure SamlFederationHandler

SAML Route

Configure SP Initiated SSO Endpoint

Federate route and header injection

Test the Setup:

Log in as test user
Protected application

Principal Technical Consultant at ForgeRock
