Testing Web federated login

After enabling Web federated login in the ID vault policy, do a test login.

About this task

Log in as a test iNotes® user to confirm that Web federated login is enabled. To do so, open a browser and enter the URL for a database on the Domino®® Web server running iNotes.

If the home URL of the server or internet site is an iNotes redirect database, enter the URL for the Domino® Web server running iNotes for example: https://mail1.us.renovations.com.

The test user's browser is redirected to the IdP for login. After authenticating with the IdP, the browser is redirected to the originally requested Domino URL. When the iNotes redirect database is the home URL, the test user's mail is displayed in the browser. If this completes successfully, SAML authentication is properly configured at the Domino server.

If Web federated login is also properly configured, the test iNotes user should no longer see a password prompt for access to encrypted mail.

Some typical problems are:
  • Missing IdP relying party trust for the ID Vault.
  • Incorrect IdP entries.
  • Invalid metadata imported into the IdP catalog.
  • No cross-certificate for accessing the ID Vault.
  • ID not found in vault
Note: For tips on troubleshooting problems that are specific to the ID vault, see the Domino wiki article: Troubleshooting ID vault test deployments.