Generic SAML Enterprise Connection
Use Generic SAML when your identity provider supports SAML 2.0 but is not listed as a named provider in AuthAction.
Service Provider metadata
Use these values when registering AuthAction as a relying party in your IdP:
| Field | Value |
|---|---|
| ACS URL | https://<tenant-name>.<region>.authaction.com/oauth2/saml/callback |
| SP Entity ID | Your tenant URL (for example https://<tenant-name>.<region>.authaction.com) |
| Name ID format | urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
Replace <tenant-name> and <region> with your AuthAction tenant values.
Step 1: Create a SAML application in your IdP
- Create a new SAML application or relying party for AuthAction.
- Set the ACS / Reply URL to the ACS URL above.
- Set the Audience / SP Entity ID to your tenant URL.
- Configure Name ID to map to the user’s email address when possible.
Step 2: Collect IdP details
| Field in AuthAction | Description |
|---|---|
| IdP SSO URL | The HTTP-Redirect (or equivalent) SSO endpoint of your IdP |
| Entity ID / Issuer | Unique identifier your IdP publishes for itself |
| Certificate | (Optional) IdP X.509 certificate for SAML assertion signature verification |
Step 3: Configure in AuthAction
- Open the AuthAction Dashboard.
- Go to Connections > Enterprise Connections.
- Select Generic SAML (or equivalent).
- Enter the IdP SSO URL, Entity ID / Issuer, and optional Certificate.
- Save the connection.
Step 4: Enable and test
- Under Applications, enable this enterprise connection for the apps that should use it.
- Open your app login page and complete an enterprise sign-in to verify the flow.