WS-Federation Configuration
Required Information
To setup WS-Federation AgWare needs some information about the identity provider.
- The issuer
- The token endpoint
- The token activation endpoint
- The signing certificate
This information can be provided as an XML file, metadata URL, or as plain text.
AgWare will provide the wtrealm and reply URL to be entered into the identity provider.
Microsoft Entra ID Example
Start by navigating to the Entra Enterprise applications and select New application.
Select Create your own application.
Then choose Integrate any other application you don't find in the gallery (Non-gallery) and provide an application name. Then click create.
Required Information
Entra provides several ways to get the required information. The easiest is to use the metadata URL found in the SAML configuration.
To configure WS-Federation in Entra for Cost New navigate to the associated Enterprise applications.
From the Enterprise application navigate to Manage → Authentication and look for the SAML Certificates box. It contains the metadata URL which can be used to provide the information.
Don't get this confused with the Manage → Authentication under App registrations.
Configure Entra for Cost New
To configure WS-Federation in Entra for Cost New navigate to the associated Enterprise applications.
From the Enterprise application navigate to Manage → Authentication and select SAML.
In the SAML configuration click edit and enter a reply URL and an identifier.
None of the SAML information will save until a reply URL and an identifier are provided. This means that certificates and other information provided prior to saving may not be valid.
Add either placeholder values, or the values provided by AgWare for the identifier and reply URL.
SAML is not the same as WS-Federation, but this configuration panel applies to both.
This means that the wtrealm will be entered as an identifier on Entra as this field applies to both properties.
Save the changes.
