Manually Configure a SAML Identity Provider Through the Common Services
Expand all | Collapse all
Manually Configure a SAML Identity Provider Through the
Common Services
Learn how to manually configure a SAML identity provider
through
Common Services
.
After you
add an identity federation and
you choose to configure a Security Assertion Markup Language (SAML)
provider manually, you complete the following steps.
Manually configure a SAML provider from .
Select
Configure
Identity Provider
.
Go to your identity provider’s console, download the
certificate, and take note of all the provider’s details. The console details
look similar to the following, but all providers are slightly different.
In your identity provider’s console, set up the Attribute Statements for
firstName
of user.firstName,
lastName
of user.lastName, and
email
of user.email. Without them, you will only see
a blank name in the hub or
Prisma SASE Platform
. The console details look
similar to the following, but all providers are slightly different.
In the
,
Upload
Certificate
for your identity provider certificate.
Enter your
Identity Provider ID
.
Enter your
Identity Provider SSO URL
.
The Configure Identity Provider button is replaced with
the Login URL that you configured. The Login URL is how Palo Alto
Networks knows where to send the user when they log in. This is
disabled by default. Select .