Step 1: Set Up OpenAM as Identity Provider

    All the information required to configure in the OpenAM i.e. plugin’s metadata is given in the Service Provider Info tab of the miniOrange plugin.


    SAML Single Sign On (SSO) using OpenAM Identity Provider,OpenAM SSO Login  Create OpenAM as a Hosted Identity Provider

    Note: – You can skip this step and navigate to Configure Remote Service Provider if you have already configured OpenAM hosted IDP.

      • Login to the OpenAM admin console.
      • From the REALMS, select realms, under which you want to create hosted IDP. You will be redirected to the Realm overview page.
      • Click on Create SAMLv2 Providers in the Realm Overview page.

        SAML Single Sign On (SSO) using OpenAM Identity Provider, Select Identity Provider Profile
      • Click on Create Hosted Identity Provider. You will be redirected to the configuration page.

        SAML Single Sign On (SSO) using OpenAM Identity Provider, Register IDP
      • Configure IDP as given below.

        • Name: Name of the IDP
        • Signing Key: Select the signing key from the dropdown.
        • New Circle of Trust: Provide a name of the groups of IDP and SP that trust each other.
        • Attribute Mapping: Configure user profile attributes to be sent to the Service Provider application.

          SAML Single Sign On (SSO) using OpenAM Identity Provider, Configure Identity Provider
        • Click on the Configure button on the top right corner.
        • Verify the configuration from the Federation tab of OpenAM.
      SAML Single Sign On (SSO) using OpenAM Identity Provider,OpenAM SSO Login  Configure Remote Service Provider.

        • Login to the OpenAM admin console.
        • From the REALMS, select realms, under which you want to configure your application. You will be redirected to the Realm overview page.
        • Click on Create SAMLv2 Providers.

          SAML Single Sign On (SSO) using OpenAM Identity Provider, Select Service Provider Profile
        • Click on Register Remote Service Provider. You will be redirected to the configuration page.

          SAML Single Sign On (SSO) using OpenAM Identity Provider, Register SAML Service Provider
        • Configure the Service Provider as given below.

          • Where does the metadata file reside: URL.
          • URL of metadata: Configure miniOrange plugin's metadata here.
          • Circle of Trust: Add to existing.
          • Existing Circle of Trust: Select the Circle of Trust (group) in which your hosted IDP is located.
          • Attribute Mapping: Configure user profile attributes for mapping.

            SAML Single Sign On (SSO) using OpenAM Identity Provider, Configure Service Provider details
        • Click on the Configure button on the top right corner.
        • Verify the configuration from the Federation tab of OpenAM.
        • Provide OpenAM SAML metadata to Service Provider application(miniOrange SAML plugin).
        • You can download the OpenAM metadata using the URL given below.
          [OpenAM ServerURL]/saml2/jsp/exportmetadata.jsp
        • In case if you have multiple realms and hosted identity Provider configured then use the URL given below.
          [OpenAM ServerURL]/saml2/jsp/exportmetadata.jsp?entityid=[IdPentityID]&realm=/realmname

@ Copyright 2026 miniOrange Security Software Pvt Ltd. All Rights Reserved.

Privacy Policy Terms of Service Cookies Preferences