Configuring a Domain URL for SAML

These instructions assume you have already created a SAML configuration in Faspex. For instructions to do so, see Creating a SAML Configuration in Faspex.
Domain URLs allow users to directly access a SAML IdP. A user may use a domain URL to bypass the default SAML IdP if the user is not a member of that IdP. Configuring a domain URL requires you to access Faspex through a browser to access the metadata file for the SAML configuration.
  1. Go to Server > Authentication > SAML Integration and select your SAML configuration.
  2. Enter an alternate hostname in the Domain URL text field. For example, you may enter shibboleth.faspex.example.com.
    Note: Verify with your IT department that the domain URL resolves to your Faspex server's hostname in your DNS.
  3. Click Update SAML Configuration.
  4. Go to the SAML Configurations page in Faspex (Server > Authentication > SAML Integration). Click the Metadata link.
    Faspex redirects you to page displaying the metadata in XML format.

  5. Change the URL in the browser to match the domain URL's hostname instead of the Faspex IP address.
    For example, if your Faspex IP address is 198.51.100.24, your metadata URL may be: https://198.51.100.24/aspera/faspex/auth/saml/metadata/1. If your domain URL is shibboleth.faspex.example, change the URL to https://shibboleth.faspex.example/aspera/faspex/auth/saml/metadata/1.

    Enter the new URL in your browser and go to that page.

  6. Save the page as an XML file to your machine.
  7. Follow the instructions provided by your IdP to configure the domain URL's metadata in the IdP.
Once configured in your SAML IdP, accessing the domain URL redirects you to the IdP. Log in to the IdP to access Faspex.