Dear Customer,
In order to provision SSO for your Basware P2P system there are some activities that have to be provided / confirmed at your end.
First of all here is a description of how our SSO solution operates and what it supports:
- We support SP Initiated SSO only.
- We support SAML 2.0 and WS-* protocols only.
- Our SSO STS system is based upon an ADFS 4.0 system.
In order for us to configure SSO for your system you will first need to:
- You need to have an SSO system available that supports the above
- You need to configure an Identity Provider / Claims provider in your system.
- Using the meta data found at this URL: https://sso.p2p.basware.com/FederationMetadata/2007-06/FederationMetadata.xml
- With a single claim being passed to us as follows
- Ensure that the Name ID is set to transient
- NOTE: For the solution to work efficiently, Basware strongly recommends you to configure your cookies in a way that they expire when User closes Session/Browser.
This information should make sense to your IT department.
Once this has completed, please provide us the following:
- Your systems Federation Meta Data (URL is preferred, for automatic updates of metadata information)
- This should be in the form of a URL link, or a xml file
- This should contain the Certificate / Key information within it, and the Certificate / Key should not be sent as a separate item
- Please inform us if you are using 2 different IdP for Test and Production in your SSO solution, or just a IDP.