You are currently reviewing an older revision of this page.
Bentley's Service Provider Details (configure your server with this info)
Parameter
Value
EntityID
https://ims.bentley.com
Audience Restriction
Assertion Consumer URL
https://ims.bentley.com/sp/ACS.saml2
Assertion validity duration
900 seconds
Skew time
300 seconds
Include Name ID in assertion
Yes (Required)
Attributes to include in assertion
emailaddress
givenname
surname
windowsaccountname
upn
country (2-digit ISO code)
Namespace for attributes to include in assertion
http://schemas.microsoft.com/ws/2008/06/identity/claims
(for windowsaccountname)
http://schemas.xmlsoap.org/ws/2005/05/identity/claims
(for emailaddress, givenname, surname, name, upn)
Your SAML 2.0 Identity Provider Information (send this info back to Bentley)
Domain
e.g. bentley.com <This is used to redirect users to your IdP if IMS sees this during the authentication process>
Entity ID in the Federation Metadata document if you have one.
Typically for ADFS it looks something like:http://<ADFS>/adfs/ly/FederationMetadata/2007-06/FederationMetadata.xml
Entity Type
SAML 2.0 IDP
Entity Metadata URL*
Federation Metadata document if your IdP exposes it.
Token Type
SAML 2.0
SSO Service URL
URL where your users will be redirected to, for authentication by your IdP.
Typically for ADFS it looks like: https://<ADFS>/adfs/ls
Thumbprint
The thumbprint of the certificate used by your IdP for token signing
Required Attributes