Description
Symptoms
The select IdP page does not display list of identity providers.
Release
all
Cause
The IdP has not been registered with InCommon.
Resolution
These are the steps to follow to configure Multi-SSO Federation:
- Enable MultiSSO plugin.
2. Go to Federations -> InCommon record and make it active.
3. Make sure "Refresh SSO Metadata" is active and execute it (this scheduled job runs every 30 mins). *** There are 2 scheduled jobs with similar names. The other one is "Refresh MultiSSO IDP Metadata". The one for federations is "Refresh SSO Metadata". VERY IMPORTANT.
4. You will see list of IDPs imported into Multi-Provider SSO => Identity Providers list
5. Activate IDPs which you want to use from list in step 4.
6. Choose any user record and set "SSO Source" => federation:<sys_id of InCommon record in sso_federation>
7. Login to instance using External login.
8. After entering userID, it will give you list of all active IDPs and you can choose from it.
Step 8 is not working as expected.
You must register the IdP with InCommon prior to having the IdP display in the list.
Register with Federated Service InCommon and once it is successfully registered with InCommon then it should appear in metadata url: "http://md.incommon.org/InCommon/InCommon-metadata.xml".