Identity Cloud

Set up single sign-on

The topics in this section are for tenants created on or after January 12, 2023. Refer to Application management migration FAQ.

If the Sign On tab is visible, you can set up single sign-on for a target application. For more information, refer to Target and authoritative applications.

  1. Click the Sign On tab.

  2. Click Set Up SSO.

  3. If you have set up multiple domains, in the Select a domain drop-down field, select a domain to use for sign-on.

  4. Click Next.

  5. On the Set Up Single Sign-on page:

    • To upload the application service provider metadata XML file:

      1. Enable Upload Metadata.

      2. Browse to and select the xml file that contains the service provider metadata.

    • To manually configure the service provider metadata values:

      1. Enable Configure Manually.

      2. Configure the fields on the Set Up Single Sign-on page.

  6. Click Next.

  7. Click Save.

  8. To view IdP metadata for the application, click View IdP Metadata. This contains the x509 signing and encryption certificates.

  9. To update the application provider metadata, click Update Metadata.

  10. To download the x509 encryption certificate, click Download Certificate. For the x509 signing certificate, refer back to step 8.

  11. To test the single sign-on connection, at the bottom right of the page, click Try it out.

Copyright © 2010-2024 ForgeRock, all rights reserved.