Creating and replicating the IdP Catalog

Create the IdP Catalog (idpcat.nsf) and replicate it to any servers participating in SAML federated authentication. If you will enable Web federated login or Notes federated login, also replicate it to the ID vault server.

About this task

Note the requirements for the IdP Catalog:
  • You must use the file name idpcat.nsf and put the catalog in the data directory.
  • Do not enable document locking on the catalog.

Procedure

  1. From the Domino® Administrator client, create the IdP Catalog application (idpcat.nsf), using the template with the file name idpcat.ntf.
    CAUTION: If your server is running on UNIX or IBM® i, make sure the file name is all lower-case.
  2. Use a restrictive access control list (ACL). Assign access only to the Domino® ID vault server and to Domino® SAML administrator(s) who are trusted to manage security.
  3. Replicate the IdP Catalog to the other servers that participate in SAML authentication. These servers are automatically given access to the IdP Catalog, regardless of whether they have access through the ACL.
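The following shell function is an added example, not part of the Domino documentation or product, that verifies the file-name requirement from step 1 on a UNIX Domino server: it checks that a file named exactly idpcat.nsf exists in the data directory and flags any mixed-case variant (such as IdPCat.nsf), which a case-sensitive file system treats as a different database. The data directory path is passed as an argument (an assumption; the real path is site-specific).

```shell
# Added example, not from the Domino documentation.
# Usage: check_idpcat_name /path/to/domino/data
# Returns 0 when idpcat.nsf exists in all lower-case and no mixed-case
# duplicate is present; returns 1 otherwise and prints the reason to stderr.
check_idpcat_name() {
    datadir="$1"          # assumed: Domino data directory passed by the caller
    found_ok=0
    status=0
    for f in "$datadir"/*.nsf; do
        [ -e "$f" ] || continue                       # no .nsf files at all
        base=$(basename "$f")
        lower=$(printf '%s' "$base" | tr '[:upper:]' '[:lower:]')
        if [ "$lower" = "idpcat.nsf" ]; then
            if [ "$base" = "idpcat.nsf" ]; then
                found_ok=1                             # correct lower-case name
            else
                # A mixed-case copy is a separate file on UNIX/IBM i and
                # will not be used as the IdP Catalog.
                echo "WARNING: mixed-case IdP Catalog file found: $base" >&2
                status=1
            fi
        fi
    done
    if [ "$found_ok" -ne 1 ]; then
        echo "ERROR: idpcat.nsf not found in $datadir" >&2
        status=1
    fi
    return "$status"
}
```

Run it after creating the catalog and again after replication to each participating server, since a replica created with the wrong case would silently fail the lower-case requirement on UNIX and IBM i.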