You are currently reviewing an older revision of this page.
Your SAML2.0 Identity Provider Information
Parameter
Value
Doman
e.g. bentley.com <this is used to redirect users to your IdP if IMS sees this during the authentication process>
EntityID
Entity ID in the Federation Metadata document if you have one.
Typically for Adfs http://<ADFS>/adfs/ly/FederationMetadata/2007-
06/FederationMetadata.xml
Entity Type
SAML2.0 IDP
Entity Metadata URL*
Federation Metadata document if your IdP exposes it. Typically for ADFS it is like http://<ADFS>/adfs/ly/FederationMetadata/2007-
Token Type
SAML2.0
SSO Service URL
URL where your users will be redirected to, for authentication by your IdP.
Typically for ADFS it is like https://<ADFS>/adfs/ls
Thumbprint
thumbprint of the certificate used by your IdP for token signing
Required Attributes
emailAddress firstName
lastName
name
upn
country
Bentley Service Provider Details
QA - https://qa-ims.bentley.com Prod - https://ims.bentley.com
Audience Restriction
Assertion Consumer URL
QA - https://qa-ims.bentley.com/sp/ACS.saml2 Prod - https://ims.bentley.com/sp/ACS.saml2
Assertion validity duration
900 seconds
Skew time
300 seconds
Include Name ID in assertion
Yes (Required)
Attributes to include in assertion
Emailaddress
givenname
surname
windowsaccountname
country (2-digit ISO code)
Namespace for attributes to include in assertion
http://schemas.microsoft.com/ws/2008/06/identity/claims (for windowsaccountname)
http://schemas.xmlsoap.org/ws/2005/05/identity/claims
(for emailaddress, givenname, surname, name, upn)