Freshdesk SSO

[Nate Klingenstein]

Brandon,

You’ll probably want to mock up a metadata entry on their behalf and load it into your SP.  Changes to the anonymous relying party behavior can result in an extremely promiscuous IdP.

You might find the annotated example SP here to be useful as a starting point:

https://www.testshib.org/metadata/testshib-providers.xml

Hope this helps,
Nate.

On Aug 8, 2015, at 4:59 PM, Martin, Brandon L <martinb at psd401.net<mailto:martinb at psd401.net>> wrote:

Hello again Shibboleth users,

I am working with Freshdesk<https://support.freshdesk.com/support/solutions/articles/31166-single-sign-on-remote-authentication-in-freshdesk> as an SSO party. They don't provide a metadata file, so I am under the impression they need to be setup as an AnonymousRelyingParty. I found the following code to setup an anonymous party, but it looks to be Shibboleth V2. I've read through UpgradingFromV2<https://wiki.shibboleth.net/confluence/display/IDP30/UpgradingFromV2> but I still do not understand the conversion and am having a hard time finding examples.

<AnonymousRelyingParty provider="https://psdts.freshdesk.com/login/saml"
                           defaultSigningCredentialRef="IdPCredential" />


<security:Credential id="IdPCredential" xsi:type="security:X509Filesystem">
                <security:PrivateKey>${idp.home}/credentials/idp-encryption.key</security:PrivateKey>
                <security:Certificate>${idp.home}/credentials/idp-encryption.crt</security:Certificate>

</security:Credential>


Is this possible in Shibboleth V3?


Thank you

Brandon Martin
martinb at psd401.net<mailto:martinb at psd401.net>
Peninsula School District
Data Integration Analyst

Ext: 3712
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net<mailto:users-unsubscribe at shibboleth.net>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150808/8cbbbea1/attachment.html>