WS-Federation settings for apps

You can find the WS-Federation protocol related settings under protocol section of the selected WS-Federation application.

Basic settings

Realm

WS-Federation realm is a unique identifier for the web app.

Reply URL

This should be the Relying Party (RP) endpoint URL that handles the response.

Reply Logout URL

This should be the Relying Party (RP) endpoint URL that handles the response at logout.

Advanced settings

Certificate

The certificate is used to validate signatures when authentication requests or logout requests from the application are signed.

You can either Provide Certificate or Use JWKS endpoint to add a certificate.
Follow the steps given below to Provide Certificate.

1. Select Provide Certificate and click New Certificate.

   

2. Upload the certificate file or copy the certificate contents
   

If you have certificate in other formats such as .crt, .cer or .der, expand here to convert your certs to PEM format using OpenSSL

Convert CRT to PEM

openssl x509 -in cert.crt -out cert.pem

Convert CER to PEM:

openssl x509 -in cert.cer -out cert.pem

Convert DER to PEM:

openssl x509 -in cert.der -out cert.pem