: Manually Configure a SAML Identity Provider Through the Common Services
Focus
Focus

Manually Configure a SAML Identity Provider Through the Common Services

Table of Contents

Manually Configure a SAML Identity Provider Through the
Common Services

Learn how to manually configure a SAML identity provider through
Common Services
.
After you add an identity federation and you choose to configure a Security Assertion Markup Language (SAML) provider manually, you complete the following steps.
  1. Use one of the various ways to access
    Common Services
    Identity & Access
    .
  2. Manually configure a SAML provider from
    Common Services
    Identity & Access
    Identity Federations
    .
  3. Select
    Configure Identity Provider
    .
  4. Select
    Enter Manually
    Next
    .
  5. Go to your identity provider’s console, download the certificate, and take note of all the provider’s details. The console details look similar to the following, but all providers are slightly different.
  6. In your identity provider’s console, set up the Attribute Statements for
    firstName
    of user.firstName,
    lastName
    of user.lastName, and
    email
    of user.email. Without them, you will only see a blank name in the hub or
    Prisma SASE Platform
    . The console details look similar to the following, but all providers are slightly different.
  7. In the
    ,
    Upload Certificate
    for your identity provider certificate.
  8. Enter your
    Identity Provider ID
    .
  9. Enter your
    Identity Provider SSO URL
    .
  10. Select
    Next
    .
  11. The Configure Identity Provider button is replaced with the Login URL that you configured. The Login URL is how Palo Alto Networks knows where to send the user when they log in. This is disabled by default. Select
    Actions
    Enable
    .

Recommended For You