Manually adding Absolute metadata to your IdP
Some IdPs, such as Microsoft Entra ID (formerly Azure AD), Okta, and Onelogin, don't allow you to upload a metadata file. If you can't upload the absolute-metadata.xml file that you downloaded from the Set up Single Sign-On page, open it and locate the information required by your IdP to configure Absolute as an SP. Typically, you'll need to locate the following metadata:
To find the value or location for … | Search the metadata file for … |
---|---|
Entity ID | entityID and copy the value. |
Single Logout (SLO) endpoint Absolute's SSO solution supports SAML Single Logout (SLO) When SLO is enabled, all sessions established via SAML SSO are terminated by a single logout process. Users can log out of the identity provider (IdP) or any of the involved service providers (SP).. If you want the user session to end when a user logs out of the Secure Endpoint Console, add the SLO endpoint to the SP configurations. |
SingleLogoutService and copy the Location specified for either the HTTP-POST binding or the HTTP-REDIRECT binding, depending on the requirements of your IdP. |
Single Sign-On (SSO) endpoint | AssertionConsumerService and copy the Location specified for either the HTTP-POST binding or the HTTP-REDIRECT binding, depending on the requirements of your IdP. |
For more information about adding a new SP to your IdP, refer to the documentation provided by your IdP.