Good morning,
I've been working with a few customers on getting the API Portal to link into the gateway using a mock-up IDP configuration. I've attached a restman folder bundle that contains 3 services which provide a login page which then does a redirect to another service to validate the user against the local identity provider. This configuration is a template of what can be done and does require a few changes.
Information to use the bundle:
1) Portal SAML SSO Authentication Scheme configuration:
Identity Provider URL: https://<gateway FQDN>/samlReqPost
SAML Binding: Post
SAML Token Attribute: SAMLResponse
SAML Token Attribute In: Parameter
Mapping:
Email = mail
First Name = givenName
Last Name = sn
Login = login
Organization = organization
Role = memberOf
2) Modify the /samlRegPost service so that the Location header points to https://<gatewayFQDN>/testSamlLogin
3) Modify the /testSamlResponse1 service so that:
a) the portalUrl context variable is set to https://gateway.support.local/portalAuth/sso/validateSaml
b) userOrg and userGroup context variables are populated with valid organization names.
4) Create a group called SAMLUsers in the local Identity Provider and create a sample user, which needs to be added to the new group.
Sincerely,
Stephen Hughes
Broadcom Support