SAML setup for FirstWave products
Supported Versions
SAML Authentication is supported for FirstWave products when any of the following products or later versions are installed:
opCharts 4.8.3
opEvents 4.5.0
Setting up SAML Authentication
To setup SAML in FirstWave products, please follow these steps:
Go to application dashboard, Modules → Administration → Settings → Authentication.
Change the Authentication Methods to include saml. Change one of Auth Method 1 or Auth Method 2 or Auth Method 3 to saml from dropdown and click on Configure saml link as highlighted below.
Inside the model, add in the SAML configuration parameters.
Single Sign-On (SSO) URL | Mandatory. The Single Sign-On (SSO) URL is used by the SP to initiate the authentication process. It typically points to the IdP's SAML endpoint where the SP sends an authentication request (AuthnRequest) XML document. |
Metadata URL | Mandatory. Metadata URL provides essential information about the IdP, including endpoints, certificates, and other settings required for SAML authentication. |
User Attribute | (optional) SAML IDP attribute to be mapped with NMIS Username. SAML response needs to have a custom attribute which contains the NMIS Username, If the Username is present in NameId then this can be left empty. |
Login Label | Optional. Label to be used on the FirstWave SAML login screen. Default is Login with SAML |
Auth SameSite Cookie | This has to be set to Lax for SAML. The SameSite attribute for cookies is used to control whether cookies are sent along with cross-site requests. |
Press Update and Save the configuration.
Restart the OMK Demon.
SAML Metadata
For information on Assertion Consumer Service URL (ACS URL),
Go to Modules → Administration → Help → SAML Metadata
Response
The system will respond with the SAML Metadata for the FirstWave Service Provider. This details can be used on the Identity Provider.