Requirement | Description |
Security Token Service (STS) provider | Determine which STSs you want Integration Server to trust. Clients can use any STS provider that generates SAML 1.0 or 2.0 tokens. The generated SAML token must: ![]() ![]() |
Certificates for each possible issuer of SAML assertions | Create a truststore that contains the public keys of each STS. For more information about creating a truststore, see Creating a Keystore and Truststore. |
Identification of trusted issuers | Identify trusted STSs to Integration Server. For instructions, see Identifying Trusted STSs to Integration Server
. |
Client certificate mapping | If Integration Server is to process Holder-of-Key (HOK) type SAML assertions, which contain the public key of the client, you must map the client’s public key to an Integration Server user. For more information about configuring client certificates, see Client Certificates. |