Onboarding Service Providers and users
The IdP server administrator must make one-time entries in the TP_MASTER
table to onboard SPs and users.
About this task
Here is example SQL for onboarding an SP:
INSERT INTO TP_MASTER
(TP_ID, TP_NAME, TP_INFO, KEY_ALIAS)
VALUES
('SP_Id', 'SP display name', 'SP description', 'keystore alias name');
After the trusted parties are registered with the IdP server, the IdP server administrator can map users to participate in federated single sign-on.
The user mapping must be strictly one-to-one between any two SPs. For example, User1 from SP_A may be mapped to only one user in SP_B. User1 from SP_A can, however, also be mapped to a user in SP_C within the same federation.
Here is an example query for adding users to the TP_MAPPING table:
INSERT INTO TP_MAPPING
(TP_CLIENT_ID, TP_FOR_USER_ID, TP_SP_ID, TP_MAPPED_USER_ID, SAML_TOKEN)
VALUES
('SP1_Id', 'SP1_user_Id', 'SP2_Id', 'SP2_user_id', 'dummy1');
Note: The entries for TP_SP_ID and TP_FOR_USER_ID must be a minimum of 4 characters and up to 24 characters long, and contain only alphanumeric, hyphen and underscore characters: [a-zA-Z0-9_-]. Insert unique dummy entries for the SAML_TOKEN column, as this column does not allow nulls or duplicates.
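The following script is an added example (not part of this documentation or the IdP server product) that enforces the rules stated above before rows reach the database: the [a-zA-Z0-9_-]{4,24} format for TP_SP_ID and TP_FOR_USER_ID, the one-to-one user mapping per SP pair, and unique non-null placeholder values for SAML_TOKEN. The table definitions, the UNIQUE constraints that express one-to-one mapping, and the helper names (valid_tp_id, onboard_sp, map_user, demo) are assumptions for the example; the real TP_MASTER and TP_MAPPING DDL is not shown on this page. It uses an in-memory SQLite database so it runs offline.

```python
import re
import sqlite3
import uuid

# Format rule from the documentation: 4 to 24 characters, only [a-zA-Z0-9_-].
TP_ID_RE = re.compile(r"[A-Za-z0-9_-]{4,24}")

# Assumed schema for the example; the product's real DDL is not on the page.
# The two composite UNIQUE constraints encode the one-to-one mapping rule:
# a client-SP user maps to at most one user of a given target SP, and that
# target user is claimed by at most one client-SP user.
SCHEMA = """
CREATE TABLE TP_MASTER (
    TP_ID     TEXT PRIMARY KEY,
    TP_NAME   TEXT NOT NULL,
    TP_INFO   TEXT,
    KEY_ALIAS TEXT NOT NULL
);
CREATE TABLE TP_MAPPING (
    TP_CLIENT_ID      TEXT NOT NULL REFERENCES TP_MASTER(TP_ID),
    TP_FOR_USER_ID    TEXT NOT NULL,
    TP_SP_ID          TEXT NOT NULL REFERENCES TP_MASTER(TP_ID),
    TP_MAPPED_USER_ID TEXT NOT NULL,
    SAML_TOKEN        TEXT NOT NULL UNIQUE,
    UNIQUE (TP_CLIENT_ID, TP_FOR_USER_ID, TP_SP_ID),
    UNIQUE (TP_CLIENT_ID, TP_SP_ID, TP_MAPPED_USER_ID)
);
"""


def valid_tp_id(value: str) -> bool:
    """True when value satisfies the documented [a-zA-Z0-9_-]{4,24} rule."""
    return TP_ID_RE.fullmatch(value) is not None


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")  # reject mappings to unknown SPs
    conn.executescript(SCHEMA)
    return conn


def onboard_sp(conn, tp_id, name, info, key_alias):
    """One-time TP_MASTER entry for a Service Provider (hypothetical helper)."""
    if not valid_tp_id(tp_id):
        raise ValueError(f"TP_ID {tp_id!r} violates [a-zA-Z0-9_-]{{4,24}}")
    conn.execute(
        "INSERT INTO TP_MASTER (TP_ID, TP_NAME, TP_INFO, KEY_ALIAS) VALUES (?, ?, ?, ?)",
        (tp_id, name, info, key_alias),
    )


def map_user(conn, client_sp, user_id, target_sp, mapped_user_id, saml_token=None):
    """Insert a TP_MAPPING row; returns the SAML_TOKEN placeholder used."""
    for label, value in (("TP_FOR_USER_ID", user_id), ("TP_SP_ID", target_sp)):
        if not valid_tp_id(value):
            raise ValueError(f"{label} {value!r} violates [a-zA-Z0-9_-]{{4,24}}")
    # SAML_TOKEN allows neither NULL nor duplicates, so generate a unique dummy
    # value per row instead of reusing a fixed string such as 'dummy1'.
    token = saml_token or f"dummy-{uuid.uuid4().hex}"
    conn.execute(
        "INSERT INTO TP_MAPPING (TP_CLIENT_ID, TP_FOR_USER_ID, TP_SP_ID, "
        "TP_MAPPED_USER_ID, SAML_TOKEN) VALUES (?, ?, ?, ?, ?)",
        (client_sp, user_id, target_sp, mapped_user_id, token),
    )
    return token


def attempt(fn):
    """Run fn and report 'ok' or the name of the rejection raised."""
    try:
        fn()
        return "ok"
    except (ValueError, sqlite3.IntegrityError) as exc:
        return type(exc).__name__


def demo():
    """Constructed scenario: three SPs and the mapping cases from the text."""
    conn = open_db()
    for sp in ("SP_A", "SP_B", "SP_C"):
        onboard_sp(conn, sp, f"{sp} display name", f"{sp} description", f"{sp.lower()}-alias")
    out = {}
    first_token = map_user(conn, "SP_A", "User1", "SP_B", "UserX")
    # User1 of SP_A may map to only one SP_B user: second mapping is rejected.
    out["one_to_one_violation"] = attempt(lambda: map_user(conn, "SP_A", "User1", "SP_B", "UserY"))
    # ...but may also map to a user of a different SP in the same federation.
    out["other_federation_partner"] = attempt(lambda: map_user(conn, "SP_A", "User1", "SP_C", "UserZ"))
    # Reusing a SAML_TOKEN placeholder violates the UNIQUE constraint.
    out["duplicate_token"] = attempt(lambda: map_user(conn, "SP_B", "User9", "SP_A", "User8", saml_token=first_token))
    # 'u.1' contains a dot and is too short: rejected before touching the DB.
    out["bad_user_id"] = attempt(lambda: map_user(conn, "SP_A", "u.1", "SP_B", "UserQ"))
    # SP_D is well-formed but was never onboarded in TP_MASTER.
    out["unknown_sp"] = attempt(lambda: map_user(conn, "SP_A", "User2", "SP_D", "UserQ"))
    out["rows"] = conn.execute("SELECT COUNT(*) FROM TP_MAPPING").fetchone()[0]
    return out


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Running the script prints one line per case; only the two legitimate mappings (User1 to SP_B and User1 to SP_C) are stored, and each rejection names the constraint that caught it.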