Testing Web federated login

After enabling Web federated login in the ID vault policy, do a test login.

About this task

Log in as a test iNotes® user to confirm that Web federated login is enabled. To do so, open a browser and enter the URL for a database on the Domino® Web server running iNotes®.

If the home URL of the server or internet site is an iNotes® redirect database, enter the URL for the Domino® Web server running iNotes®, for example: https://mail1.us.renovations.com.

The test user's browser is redirected to the IdP for login. After authenticating with the IdP, the browser is redirected to the originally requested Domino® URL. When the iNotes® redirect database is the home URL, the test user's mail is displayed in the browser. If this completes successfully, SAML authentication is properly configured at the Domino® server.

If Web federated login is also properly configured, the test iNotes® user should no longer see a password prompt for access to encrypted mail.

Some typical problems are:
  • Missing IdP relying party trust for the ID Vault.
  • Incorrect IdP entries.
  • Invalid metadata imported into the IdP catalog.
  • No cross-certificate for accessing the ID Vault.
  • ID not found in vault.
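
The redirect sequence described in this task can be checked against a HAR file exported from the test user's browser. The following is an added example, not part of the product documentation; the IdP host name, the URL paths, and the function names are constructed placeholders, and the capture is assumed to include the navigation requests of one test login.

```python
import json
from urllib.parse import urlsplit

DOMINO = "mail1.us.renovations.com"   # server name from the example URL above
IDP = "idp.example.test"              # constructed placeholder IdP host

def make_har(hops):
    """Build a minimal HAR 1.2 document from (method, url, status) tuples."""
    entries = [{"request": {"method": m, "url": u}, "response": {"status": s}}
               for m, u, s in hops]
    return json.dumps({"log": {"version": "1.2", "entries": entries}})

# Constructed capture of a successful test login; paths are placeholders.
GOOD_HOPS = [
    ("GET", f"https://{DOMINO}/", 302),
    ("GET", f"https://{IDP}/login", 200),
    ("POST", f"https://{IDP}/login", 200),
    ("POST", f"https://{DOMINO}/saml-return-placeholder", 302),
    ("GET", f"https://{DOMINO}/", 200),
]

def check_federated_login(har_text, domino_host=DOMINO, idp_host=IDP):
    """Return a list of findings; an empty list means the flow matched."""
    entries = json.loads(har_text)["log"]["entries"]
    hops = [(e["request"]["url"], e["response"]["status"]) for e in entries]
    if not hops:
        return ["capture is empty"]
    urls = [urlsplit(u) for u, _ in hops]
    hosts = [p.hostname for p in urls]
    findings = []
    if hosts[0] != domino_host:
        findings.append("capture does not start at the Domino server")
    if any(p.scheme != "https" for p in urls):
        findings.append("at least one hop was not HTTPS")
    if idp_host not in hosts:
        findings.append("browser was never redirected to the IdP")
    elif hops[0][0] not in [u for u, _ in hops[hosts.index(idp_host) + 1:]]:
        findings.append("originally requested URL was not revisited after the IdP")
    if hosts[-1] != domino_host or hops[-1][1] != 200:
        findings.append("capture does not end with a 200 from the Domino server")
    return findings

if __name__ == "__main__":
    print(check_federated_login(make_har(GOOD_HOPS)) or "flow matches")
    print(check_federated_login(make_har(GOOD_HOPS[:3])))  # stalls at the IdP
```

A capture that passes confirms only the SAML redirect flow; whether the password prompt for encrypted mail is gone still has to be observed in the browser.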