Setting Up SAML Metadata in Clarity
Every Identity Provider (IDP) that supports SAML 2.0 provides a way to share the SAML metadata with other applications. Please check the security administrator in your organization to provide you the SAML metadata for your IdP. You can then import the SAML metadata file into Clarity.
Once you receive the metadata from Identity provider (IDP), you need to import to your clarity.
- You need to open the New UI URL of clarity. Below URL is the example of new UI. You have to remove everything before the port and add /pm.
http://ppmtemp.test.clarity.net:8080/pm
2. Once you open the new URL click on SAML -configuration.
3.Click on + symbol of left corner and import the metadata that you got from IDP.
4.Once import, try to check few things i.e., assertion consumer URL.
Export the Service Provider Metadata
Once you done above activity, next step will be your export of metadata from your clarity (service provider) to identity provider(IDP).
- Click on administration.
- Click on authentication & key
- Click on SAML-configuration.
- Right click on configuration you want to export.
The file is ready for share, please do cross check of metadata if information is correct.
Update Settings in Clarity System Administrator (CSA)
- Log into the Clarity System Administrator by using the following link. The following default login URL is for CSA on servers running Apache Tomcat: http://<hostname>:<port>/niku/app
- Select the relevant server.
- Navigate to the Application tab and select the Use Single Sign-On check box in the Application Instance: app section.
- Save your changes.
- Navigate to the Security tab and set the value of the token type field to Header.
- Save the changes and restart the application.
Enable SAML Authentication
You need to enable SAML Authentication in Classic PPM. Perform these steps:
Log in to Classic PPM and select Administration, System Options to open the System Options page.
Select the Enable SAML Authentication option.
HOW TO ADD LOGIN LOGOUT URL IN CLARITY
- Login to NSA and then go to security.
- Go to single sign on area and enter the logout URL and authentication URL.
- Go to the new UI of clarity (mentioned in above steps).
- Once login click on authentication and key, then to saml-configuration.
- After that check logout URL column and update the correct URL here also.
After upgrade to 16.1.1, saml stop working.
You have to go to nsa and then security tab and single sign on area and fill the last 4 URL area like , logout URL, authentication URL, timeout etc.
Then do the restart of server it will resolve the issue.