Configure the Identify system setup to support eID messages
After the tenant is created, log in to the Admin site and open the System setup page to configure the following:
- Sign metadata: set it to True
- SAML 2 Profile: choose the profile: eHerkenning
- Security token resolver factory: choose the option: “Safewhere.IdentityProvider.Saml2.Tokens.CustomSubResolverSecurityTokenResolverFactory, Safewhere.IdentityProvider.Saml2”
- Signing security token sub resolvers: choose “Select All”
- Encrypting security token sub resolvers: choose “Select All”
Here is the screenshot:
After clicking the Save button on the System setup page, perform an IIS reset so that the change is applied.
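A structural check to run on the tenant's exported SAML metadata after the reset, as an added example that is not part of the original documentation or the product's own code: it confirms that the EntityDescriptor carries an enveloped XML signature whose reference covers the descriptor itself, and lists the KeyDescriptor uses. It does not validate the signature cryptographically; the sample metadata, entity ID and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"md": MD, "ds": DS}

def sample_metadata(signed=True, ref_uri="#_id1"):
    """Constructed sample: placeholder entity ID and dummy signature value."""
    sig = (f'<ds:Signature><ds:SignedInfo><ds:Reference URI="{ref_uri}"/>'
           '</ds:SignedInfo><ds:SignatureValue>AA==</ds:SignatureValue>'
           '</ds:Signature>') if signed else ""
    return (f'<md:EntityDescriptor xmlns:md="{MD}" xmlns:ds="{DS}" '
            'ID="_id1" entityID="https://identify.example.test/tenant">'
            f'{sig}<md:IDPSSODescriptor protocolSupportEnumeration='
            '"urn:oasis:names:tc:SAML:2.0:protocol">'
            '<md:KeyDescriptor use="signing"/><md:KeyDescriptor use="encryption"/>'
            '</md:IDPSSODescriptor></md:EntityDescriptor>')

def check_metadata(xml_text):
    """Return structural findings; this is NOT cryptographic verification."""
    # For metadata received from another party, parse with a hardened
    # parser (for example defusedxml) instead of the standard library.
    root = ET.fromstring(xml_text)
    problems = []
    if root.tag != f"{{{MD}}}EntityDescriptor":
        problems.append("root element is not md:EntityDescriptor")
    sig = root.find("ds:Signature", NS)  # direct child only (enveloped)
    if sig is None:
        problems.append("metadata is not signed")
    else:
        ref = sig.find("ds:SignedInfo/ds:Reference", NS)
        uri = ref.get("URI") if ref is not None else None
        doc_id = root.get("ID")
        # The reference must cover the whole descriptor: "" or "#<root ID>".
        if not (uri == "" or (doc_id and uri == "#" + doc_id)):
            problems.append(f"signature reference {uri!r} does not cover the root")
    # A KeyDescriptor without a 'use' attribute applies to both purposes.
    uses = set()
    for kd in root.iter(f"{{{MD}}}KeyDescriptor"):
        use = kd.get("use")
        uses.update([use] if use else ["signing", "encryption"])
    return {"signed": sig is not None, "key_uses": sorted(uses), "problems": problems}

if __name__ == "__main__":
    for label, doc in [("signed", sample_metadata()), ("unsigned", sample_metadata(False))]:
        print(label, check_metadata(doc))
```

A clean result here only shows that the metadata is structured as signed; the party importing it still has to verify the signature against a certificate it already trusts.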
Create and configure a SAML2.0 protocol connection for DV
1. On the connection list, create a new SAML2.0 protocol connection.
2. Import the metadata on the SAML2.0 protocol connection.
3. Open the SAML2.0 protocol connection, then choose the SAML 2 profile “Eherkenning”.
Then click the Save button. It will look like this:
In addition, when using the Eherkenning profile, some settings must be customized: the option “Do not encryption” should be set to True.
Create and configure a SAML2.0 authentication connection for AD
1. On the connection list, create a new SAML2.0 authentication connection.
2. Import the metadata on the SAML2.0 authentication connection.
3. Open the SAML2.0 authentication connection, choose the SAML 2 profile “Eherkenning”, then click Save.