Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-4864: How to retrieve an IdP metadata download URL for SAML app configuration

Centrify Identity Service, App Edition ,  

26 October,17 at 05:12 PM

Applies to: Centrify Identity Service

Question:

As part of configuring SAML apps for supported websites, Centrify Cloud Manager provides links to download the IdP-metadata as an XML file in the App Settings pages.

However some sites such as Crashplan PROe ask for a direct-download link to retrieve the metadata instead of an XML upload. Since the download link in the Applications Settings page is dynamically generated, it cannot be right-click and copied out from the page.

User-added image


Is there a URL that target sites can use to dynamically download IdP-metadata info?


Answer:
  1. The public IdP-metadata-URL is published in the format: 
    • https://cloud.centrify.com/saasManage/DownloadSAMLMetadataForApp?appkey=[appkey]&customerid=[customerid] 
       
    • Where [appkey] is the unique key of the added application for the tenant, and [customerid] is the tenant ID for the account. 
  2. The easiest way to retrieve these values is to download the "Identity provider metadata" XML file from the Applications Settings link, and then look inside for the Location attribute inside the "SingleSignOnService" tag
    • The SingleSignOnService > Location attribute holds the app URL in the format: 

      https://cloud.centrify.com/run?appkey=[appkey]&customerid=[customerid] 
       
  3. Copy out this URL and replace "run" in the URL with "saasManage/DownloadSAMLMetadataForApp"
    • For example, if the SingleSignOnService > Location attribute shows the app URL as:

      https://pod1.centrify.com/run?appkey=ccccdddd11118888&customerid=ABC123

       
    • The public IdP-metadata-URL will be:

      https://pod1.centrify.com/saasManage/DownloadSAMLMetadataForApp?appkey=ccccdddd11118888&customerid=ABC123


Note: 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.