SAML 2.0 config - How to change endpoints in metadata XML file

Hello,

After configuring SAML 2.0 authentication on our ERP system, I realized that I needed to create a new virtual host, under which my SAML-protected services and aliases would sit. I created a new domain name for this virtual host, saml2.host.domain.edu.

My problem now is that my ADFS admin requested that I re-create the service provider metadata XML file to reflect the new endpoints. I have not determined how to do this. In the browser-based SAML2 configuration screens, I do not find a way to indicate which endpoints to use.

Any help is much appreciated.

Best regards,
Jill

2 Answers

  • Best Answer
    Apr 25 at 02:57 PM

    Rather than switch over to using a proxy or Web Dispatcher, I did the following:

    1. Under my new Virtual Host, saml2_host, I copied all of the services related to SAML2 Configuration, making sure to check the Handler List for each service.


    2. Under my new Virtual Host, saml2_host, I created a new External Alias: "/sap/saml2". This External Alias is based off the one by the same name under default_host. I selected its "Trg Element" as saml2_host > sap > public > bc > sec > saml2.


    3. In my browser, I called up the SAML2 configuration using the URL with my new domain name: https://saml2.host.domain.edu/sap/bc/webdynpro/sap/saml2?sap-client=&sap-language=EN

    4. From here I was able to download the service provider metadata XML file, which I then passed along to my colleague managing the Identity Provider side of things.

    I hope this solution might be of use to others.

    Cheers,
    Jill


  • Apr 09 at 07:31 PM

    Hi Jill,

    To generate the metadata file with the correct endpoints, it's necessary to access the SAML2 configuration page using the desired host:port.

    KBA 2326063 explains it when a proxy is used.

    Regards,
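
Added example, not part of the original thread: before the downloaded service provider metadata goes to the Identity Provider admin, a short Python check can confirm that every endpoint in it points at the new virtual host over HTTPS. The XML is constructed sample data (the `erp.host.domain.edu` host and the endpoint paths are assumptions), and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
BIND = "urn:oasis:names:tc:SAML:2.0:bindings:"

# Constructed sample metadata; the old host and the endpoint paths are assumptions.
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{MD_NS}" entityID="example_sp">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:SingleLogoutService Binding="{BIND}HTTP-Redirect"
      Location="https://saml2.host.domain.edu/sap/saml2/sp/slo"/>
  <md:AssertionConsumerService index="0" Binding="{BIND}HTTP-POST"
      Location="https://saml2.host.domain.edu/sap/saml2/sp/acs"/>
  <md:AssertionConsumerService index="1" Binding="{BIND}HTTP-Artifact"
      Location="https://erp.host.domain.edu/sap/saml2/sp/acs"/>
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def list_endpoints(metadata_xml):
    """Return (element name, binding URI, URL) for each SP endpoint URL."""
    found = []
    for sp in ET.fromstring(metadata_xml).iter(f"{{{MD_NS}}}SPSSODescriptor"):
        for el in sp:
            # Endpoint elements carry Location and, optionally, ResponseLocation.
            for attr in ("Location", "ResponseLocation"):
                if attr in el.attrib:
                    name = el.tag.split("}")[-1]
                    found.append((name, el.get("Binding", ""), el.attrib[attr]))
    return found


def mismatched_endpoints(metadata_xml, expected_host, expected_port=443):
    """Return endpoints that are not https://expected_host:expected_port/..."""
    wanted = ("https", expected_host.lower(), expected_port)
    bad = []
    for name, binding, url in list_endpoints(metadata_xml):
        parts = urlsplit(url)
        port = parts.port or {"https": 443, "http": 80}.get(parts.scheme)
        if (parts.scheme, parts.hostname, port) != wanted:
            bad.append((name, binding, url))
    return bad


if __name__ == "__main__":
    for name, binding, url in mismatched_endpoints(SAMPLE_METADATA, "saml2.host.domain.edu"):
        print(f"wrong endpoint: {name} ({binding}) -> {url}")
```

An empty result means every endpoint in the file uses the expected host and port over HTTPS.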
