# Installing of the Authentication Provider SAML
# Requirements
To use the 4App Authentication Provider SAML, make sure you have
- an installed 4App Authentication Base (opens new window), version 4.0 or higher
# Installation of the 4App
The Authentication Provider SAML is available as a separate 4App (4allportal-authentication-provider-saml) and can be downloaded and installed via the app management in the administration area. After installation, activate the 4App and restart the system.
You now find two new admin snap-ins Authentication/Authentication provider SAML and Authentication/Identity provider SAML to configure in the administration area of your 4ALLPORTAL.
# Security
For security reasons, the Service Provider (4ALLPORTAL) and Identity Providers should always communicate via HTTPS.
When mixing HTTP and HTTPS, various errors can occur. For example, Chrome sends null for CORS origin and the access from the Identity Provider to the 4ALLPORTAL is blocked.
# Added URLs
With this 4App, some new URLs are added to the CoreEngine:
| URL | function |
|---|---|
| /saml/* | Various URLs are used internally. |
| /saml/metadata | Downloads the SP metadata. They are needed to set up an IDP. |
| /saml/login?idp=... | Login at IDP |
| /saml/info | Displays the data of the logged in SAML user. |
Additionally, there is a URL in the CoreEngine to display all visible Authentication Providers:
${external_url}/service/usermanagement/authentication_provider/list