Note:
The Federated Identity Configurator is a stand-alone tool to create and manage the federated identity configuration files for Exact Synergy Enterprise (ESE), Exact Globe+, and Exact Lightweight Integration Server (ELIS). You should use this tool when configuring any of the above products to use federated identity authentication, and as part of the product update process. It should also be used to test and verify if authentication with the selected identity provider is working correctly.
If you are updating a product that has been configured for federated identity, you should also use the Federated Identity Configurator to ensure your configurations are retained. Before performing product update, ensure the configuration can be retained.
Note: Depending on the product, you may need to restart product-related services after generating the files.
The available fields and the order of the fields depend on the product and provider.
Select the product for which you want to view, edit and/or (re)apply the FID configuration.
This tool should be used to test the federated identity authentication between two products by specifying a client environment and a server environment.
The available fields and the order of the fields depend on the selected product and identity provider.
Type or select the installation folder of the product that is selected in the Products menu. When a path is specified, the tool will validate the path. If the path is validated successfully, the configuration section and buttons will be enabled. If the current or previous environment has been configured for FID, the values will be automatically loaded. If the current environment has no FID configuration, the text fields in the configuration sections will be cleared for user input.
Select the identity provider for which you want to view, edit and/or (re)apply the FID configuration:
Note: This field is available only when a valid installation folder is selected.
Select the protocol that will be used by the product for login purposes. You can select SAML or OAuth.
Note: This field is available only if Exact Synergy Enterprise is selected at the Products menu.
Define the SAML issuer name from your identity provider portal.
Define the authority from your identity provider portal.
Define the Auth0 connection from your Auth0 portal.
Note: This field is available only if Auth0 is selected at Identity Provider.
Define the JWT issuer name from your Auth0 portal.
Define the client ID from your identity provider portal.
Define the client ID (web) from the WAAD portal.
Note: This field is available only if OAuth is selected at Protocol.
Define the client secret from your identity provider portal.
Define the allowed audience from your identity provider portal.
Define the allowed audience (web) from the WAAD portal.
Note: This field is available only if Windows Azure Active Directory is selected at Identity Provider.
Define the realm from your identity provider portal.
Note: This field is only available if Exact Synergy Enterprise is selected at the Products menu.
Define the audience URI from your identity provider portal.
Define the thumbprint from your identity provider portal.
Define the metadata from your identity provider portal.
Define the authorize endpoint from your identity provider portal.
Define the token endpoint from your identity provider portal.
Define the WSFED issuer from your identity provider portal.
Define the App URI ID from your WAAD portal.
Note: This field is available only if Exact Synergy Enterprise is selected at the Products menu and WAAD is selected at Identity Provider.
Define the resource from your WAAD portal.
Note: This field is available only if WAAD is selected at Identity Provider and Exact Globe+ or Exact Lightweight Integration Server is selected at the Products menu.
This section displays informational and/or error messages based on your actions:
Note: This section is applicable only to the Products menu.
The fields in this section can be used to test the federated identity authentication between two products by specifying a client environment and a server environment. For example, registering an ESE endpoint in ELIS requires FID authentication from ELIS to ESE. Authentication errors can be tested by specifying ELIS as the client and ESE as the server, and using this tool to retrieving detailed error messages.
Select the client environment for which to test the federated identity authentication.
Note: This field is available only if Client/Server is selected at the Tools menu.
Select the server environment for which to test the federated identity authentication.
Define the username used to log in to the client environment and server environment.
Define the password used to log in to the client environment and server environment.
This field displays the log of the validation. Detailed authentication error messages as well as authentication information (for example, expiry date of security tokens) will be displayed here.
For the Products menu, click this to validate the values from the product screen for common mistakes, such as formatting, typos, et cetera. The tool will warn you when a value is suspected to be wrong so that you can verify and correct it if needed. Define a username and password (from your federated identity account) to test if the configuration values are correct for authentication use.
For the Tools menu, click this to validate the connection between the client environment and server environment. The results of this validation will be displayed at the Result field.
Click this to generate the FID configuration for the selected product. You can generate the FID configuration only after a successful validation. When you click Generate, the Exact Globe+: Validate screen opens with the message “Please validate details in order to generate configuration files.” If you fail to validate the details, the message “Could not generate: Configuration is not validated or failed to be validated.” is displayed when you return to the FID configurator tool screen. FID will not work if you do not complete the configuration using the FID configuration tool.
Based on the selected product, the following configuration files will be generated or updated:
Note: This button is applicable only to the Products menu. It is enabled when the installation folder is directed to an environment configured for FID.
Click this to clear all fields.