Configuring UAA as an Identity Provider

If you have applications that provide Service Provider (SP) capability (For example, GitHub Enterprise or ServiceNow), you can configure UAA as an Identity Provider (IdP).

Before you begin

Obtain your SP metadata from your administrator.
Log In to Predix.io and go to Console view.

About this task

Complete the following procedure to configure UAA as SAML IdP to integrate with other service providers.

Procedure

In the Services Instances page on Predix.io, select the UAA instance that you need to configure.
Select the Configure Service Instance option.
In the UAA Dashboard login page, specify your admin client secret and click Login.
In UAA Dashboard, click on the Identity Providers tab.
In the UAA as Identity Provider section, select New Service Provider.

In the New Service Provider form, specify the following information and press Submit:

Name of the Field	Description
Name	Specify the name of your SP.
Entity ID	Specify the Entity ID for your SP. This value must match the value in the SP metadata.
Active	Select this option to set the the SP as active. If you have multiple SPs defined for a single UAA instance, UAA interacts with only active SPs. If you have multiple activeSPs for a single UAA instance, you must ensure that the clients related to the SPs are updated with the corresponding information. Although it is possible to update a single client to interact with multiple SPs, as a best practice, you can define a new client for each of your application to interact with UAA.
Metadata	Specify the SP metadata and download the UAA IdP metadata in this field. You must obtain the SP metadata from your SP administrator. You must supply the UAA IdP metadata to your SP administrator.
UAA Validate SAML Metadata	(Optional) Select this option for UAA to check the SP metadata for valid signature value. UAA performs this check every time a user initiates the SAML communication.

The SP is displayed in the list of Service Providers.