Static SAML

Scenario

Fortified ID Access comes with two test authenticators. This use case addresses the test authenticator called Static SAML. If you want to set up a quick authenticator without having to connect to Active Directory, Entra or e.g. BankID, this authenticator can be a good choice.

Note. This use case uses the default configuration of Management Center, and Fortified ID Portal is already added as an SAML SP to Access, which acts as the SAML IdP.

Below are two links if the above is not fulfilled:

In this use case, Fortified ID Portal will act as an SAML SP and Fortified ID Access as the SAML IdP. On the SAML IdP there will be one authentication method, which is Static SAML. This is not intended to be used in a production environment.

Prerequisite

  • See above prerequisite in Scenario

  • Windows server

    • At least 16 GB of RAM

    • A server certificate so LDAPS is supported for Active Directory

Note. All configuration and testing is done on the scenario server.

Add a Static SAML user

Note. The default configuration includes two Static SAML users (Walter Bishop and Peter Bishop). We will create a third Static SAML user called Static - Hanna Bishop.

Add Static SAML authentication method

  1. Click Configuration tab

  2. Click Authentication Methods and +

  3. Expand Credential Validators

  4. Scroll down and click Add for validator Static SAML data

  5. For values, replace the default values with the ones below.

    {
      "id": "staticsaml_3",
      "type": "StaticSAML",
      "description": "Static data only for test.",
      "config": {
        "base_path": "${globals.default_login_suffix}",
        "nameID": "hbishop",
        "attributes": {
          "givenName": [
            "Hanna"
          ],
          "surname": [
            "Bishop"
          ],
          "personalNumber": [
            "98989898"
          ],
          "mail": [
            "[email protected]"
          ],
          "role": [
            "handboll",
            "app1",
            "app2"
          ]
        }
      },
      "display_name": "Static - Hanna Bishop"
    }
  6. Deploy changes

  7. Move on to next step
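
Because Static SAML validators are not intended for production, a release check can scan an exported configuration for them and for anything that still references them. This is an added example, not part of the Fortified ID product or its documentation. Only the validator object shape is taken from the JSON above; the export layout, the selector structure and the ExampleValidator type are assumptions.

```python
import json

# Constructed sample. Only the validator object shape comes from the page; the
# "authenticators"/"selectors" layout and "ExampleValidator" are assumptions.
SAMPLE_EXPORT = """
{"authenticators": [
   {"id": "staticsaml_3", "type": "StaticSAML", "display_name": "Static - Hanna Bishop",
    "config": {"nameID": "hbishop", "attributes": {"role": ["handboll", "app1", "app2"]}}},
   {"id": "example_1", "type": "ExampleValidator", "config": {}}],
 "selectors": [{"id": "default", "options": [{"validator": "staticsaml_3"}]}]}
"""

def find_static_saml(node, path="$"):
    """Recursively collect every object whose "type" is "StaticSAML"."""
    found = []
    if isinstance(node, dict):
        if node.get("type") == "StaticSAML":
            cfg = node.get("config") if isinstance(node.get("config"), dict) else {}
            attrs = cfg.get("attributes") if isinstance(cfg.get("attributes"), dict) else {}
            found.append({"path": path, "id": node.get("id"),
                          "nameID": cfg.get("nameID"), "roles": attrs.get("role", [])})
        for key, value in node.items():
            found += find_static_saml(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            found += find_static_saml(value, f"{path}[{i}]")
    return found

def find_references(node, ids, path="$", key=None):
    """Paths of string values naming a flagged validator (its own "id" excluded)."""
    if isinstance(node, str):
        return [path] if node in ids and key != "id" else []
    hits = []
    if isinstance(node, dict):
        for k, value in node.items():
            hits += find_references(value, ids, f"{path}.{k}", k)
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits += find_references(value, ids, f"{path}[{i}]")
    return hits

def audit(export_text):  # -> (StaticSAML validators, paths that reference them)
    data = json.loads(export_text)
    validators = find_static_saml(data)
    return validators, find_references(data, {v["id"] for v in validators})

if __name__ == "__main__":
    validators, refs = audit(SAMPLE_EXPORT)
    print(json.dumps({"static_saml": validators, "referenced_at": refs}, indent=2))
    raise SystemExit(1 if validators else 0)  # non-zero exit fails a release gate
```

The reference list shows where a static identity is still offered at login, which is the part to remove first when promoting a configuration out of a test environment.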

Add Credential validator to IdP default selector

  1. Click Configuration tab

  2. Expand SAML -> Default IdP -> Selector

  3. On selector object, click OPTIONS tab

  4. Click ADD OPTION and select the validator you just added, e.g. Static - Hanna Bishop (staticsaml_3)

    1. In Display Label type Static - Hanna Bishop

    2. In Logo URL, type assets/svg/fortified_app.svg

  5. Click Update

  6. Deploy changes

Edit existing Static SAML

  1. Click Configuration tab

  2. Click and expand Authentication Methods and +

  3. Expand Credential Validators

  4. Expand Static SAML data

  5. Click the Static SAML object you would like to manage

The result should look like:
