Enabling Service Providers to Share Persistent Name IDs

Prerequisites

You have configured your service provider to use the persistent name ID format.

For more information, see Configuring Identity Federation with Persistent Pseudonyms.

Context

A given persistent name ID exists only once per user for each pairing of an identity provider and a service provider. You can configure a group of service providers, called an affiliation, to share a persistent name ID for each user. All service providers that take part in the affiliation identify themselves to the identity provider with an affiliation ID. If the service providers are members of the same affiliation, the identity provider sends the persistent name ID saved for that user for the affiliation.
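The lookup described above, as an added example that is not part of the original documentation and is not SAP code: a toy identity provider that stores one persistent name ID per user and namespace, where the namespace is the affiliation ID for members and the service provider's own ID otherwise. The class, the entity IDs, the affiliation ID and the choice to refuse non-members are assumptions made for illustration.

```python
import secrets


class ToyIdentityProvider:
    """Hypothetical model of persistent name ID storage on an identity provider."""

    def __init__(self, affiliations):
        # affiliation ID -> set of member service provider entity IDs
        self.affiliations = affiliations
        # (user, namespace) -> persistent name ID
        self.name_ids = {}

    def persistent_name_id(self, user, sp_entity_id, affiliation_id=None):
        if affiliation_id is None:
            # Default: one ID per user and service provider pairing.
            namespace = sp_entity_id
        elif sp_entity_id in self.affiliations.get(affiliation_id, set()):
            # Member of the affiliation: the ID is saved for the affiliation.
            namespace = affiliation_id
        else:
            # Assumption: a provider outside the affiliation gets no shared ID.
            raise PermissionError(
                f"{sp_entity_id} is not a member of {affiliation_id}")
        key = (user, namespace)
        if key not in self.name_ids:
            # Opaque random pseudonym, created once and then reused.
            self.name_ids[key] = secrets.token_urlsafe(24)
        return self.name_ids[key]


def demo():
    """Run the model on constructed providers and return the issued IDs."""
    idp = ToyIdentityProvider({"AFFIL_HR": {"SP_PAYROLL", "SP_TRAVEL"}})
    issued = {
        "payroll_shared": idp.persistent_name_id("alice", "SP_PAYROLL", "AFFIL_HR"),
        "travel_shared": idp.persistent_name_id("alice", "SP_TRAVEL", "AFFIL_HR"),
        "payroll_own": idp.persistent_name_id("alice", "SP_PAYROLL"),
        "travel_own": idp.persistent_name_id("alice", "SP_TRAVEL"),
    }
    try:
        idp.persistent_name_id("alice", "SP_SHOP", "AFFIL_HR")
        issued["outsider_refused"] = False
    except PermissionError:
        issued["outsider_refused"] = True
    return issued


if __name__ == "__main__":
    for label, value in demo().items():
        print(label, value)
```

Without the affiliation ID, SP_PAYROLL and SP_TRAVEL each receive their own pseudonym for the same user, so the two providers cannot correlate that user by name ID; with it, both receive the same value.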

Procedure

  1. Start the SAML 2.0 configuration application (transaction SAML2).
  2. On the Local Provider tab, choose the Service Provider Settings tab.
  3. Choose the Edit pushbutton.
  4. Under Miscellaneous, enter an identifier in the Affiliation Name field.
  5. Save your entries.

Results

Configure any other service providers that are to participate in the affiliation to use the same affiliation ID.

Configure the identity provider to use a persistent name ID for the affiliation.

For more information, see the documentation for your provider vendor.