Anyone has configured IDP-Discovery ?
Hello Vasavi, What is the specific question you have. This should help, please review; e.g. for CA SSO R12.52SP1x Federation:
IDP Discovery Profile (SAML 2.0) - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentation
Here is what I have configured and facing an issue.
Followed the document to configure IDP and SP
Sp and IDP using same read only directories.
Idp: sps 12.8
Enabled Idp discover
Service url: http://xyz.a.c.com/affwebservices/public/saml2ipd
Common domain: .c.com
Aco parameter cookie domain : -
SP: installed option 12.52 sp1
Target url : http://abc.a.c.com/affwebservices/public/IdpDiscovery.jsp
Aco paramenter cookie domain :-
User able to authenticate and authorized
When I click on “retrieve idp discovery cookie from IPD service”
Retrieve idp discovery cookie from IPD Service
_saml_idp cookie not found. User has not logged in to any common-domain-cookie enabled IdPs.
GET /affwebservices/public/IdpDiscovery.jsp?SAMLResponsegetIPDCookieFailure HTTP/1.1
Vasavi, I was going to suggest you to open a Support case and provide logs/traces, but I checked and you have already done so.
- thanks, Vijay
sreev - I am also trying to implement IDP Discovery but I am facing the same issue mentioned above.
Can you please let me know if you have managed to raise a support case for it. Are you able to implement it successfully ?
Thank you in advance for your reply.
<a href="https://***.ca.com/affwebservices/public/saml2ipd?IPDTarget=http://zz.ca.com/affwebservices/public/IdpDiscovery.jsp&SAMLRequest=getIPDCookie">Retrieve idp discovery cookie from IPD Service</a>
I was missing Retrieve ids discovery cookie from ipd service after I added that it worked
Thank you for the details.
Could you please go through the below details and provide your thoughts.
1. Our system is acting as Identity Provider.
2. Vendor system is acting as Service Provider.
As we are acting as Identity Provider, I have configured the below details in the federation partnership
1. Navigated to a partnership
2. Navigated to SSO and SLO section
3. Configured the below details within IDP Discovery section
Enable IDP Discovery : Yes
Service URL: https://idpsystem.dev.com/affwebservices/public/saml2ipd
Common Domain: .dev.com
I have referred the below CA Docs and made the configuration changes at IDP end
IDP Discovery Profile (SAML 2.0) - CA Single Sign-On - 12.7 - CA Technologies Documentation
Can you please confirm if we need to make further any changes at IDP end ?
Thank you again for your help.
Thanks & Regards,
Retrieving data ...