Configure SAML Options

To configure an existing SAML IdP, go to Server > Authentication > SAML Integration and click the name of the IdP.
Option Description
Name Give this configuration a name.
Publicly Visible Determine whether Faspex allows users to choose this IdP as an option from the local login page. If selected, Faspex displays this IdP as a login option. If not selected, Faspex does not display this IdP and users must access the IdP using a domain URL.
Note: If the admin does not specify a SAML configurations as the default, Faspex automatically redirects users to the local login page. For more information on bypassing the SAML redirect, see Bypassing the SAML Redirect.
Public Login Instructions This option becomes available when Publicly Visible is selected. Enter a description of the IdP and specify instructions for logging into the IdP.
Restrict access to known groups Prevent SAML users that are not members of existing Faspex SAML groups from logging into this IdP. If a user is a member of multiple groups, the user can log in as long as one of those groups exists in Faspex.
Note: If this feature is enabled, Faspex does not create new groups for users that are a member of multiple SAML groups. For more information about automatically creating new groups, see User Accounts Provisioned by Just-In-Time (JIT) Provisioning. For more information about SAML groups, see Creating SAML Groups.
Redirect to SAML logout page on logouts When SAML users log out of Faspex, they are redirected to the SAML logout page instead of the local login page. From the SAML logout page, users can log back into Faspex with SAML.
Restrict access to known users Prevent users that are not existing Faspex SAML users from logging into this IdP.
Default SAML Configuration Determine if accessing the Faspex URL redirects users to this IdP or to the local Faspex login page. If selected, accessing the Faspex URL directs them to this IdP. If not selected, users arrive at the local login page instead.
Note: Setting a default SAML configuration does not affect the workflow for client applications such as IBM Aspera Drive or the IBM Aspera Add-in for Microsoft Outlook. Even if a configuration is set as default, the client application still presents all public SAML configurations.
Domain URL Enter an alternate Faspex domain URL that directs users to this IdP when they access it. This URL overrides the default URL.
Tip: You do not need to enter a full URL. For example, you can use instead of
Domain URLs require further configuration. For more information, see Configuring a Domain URL for SAML.