Once you save your single sign-on (SSO) connection, Anaplan generates information for you to share with your identity provider (IdP) as part of the configuration process.
Anaplan’s information includes:
- a URL to a metadata file for the Anaplan service provider information
- an Anaplan X509 certificate for you to share with your IdP
- a service provider sign-out URL
- an Assertion Consumer Service (ACS) URL
Anaplan requires that your identity provider:
- sign all SAML responses
- support urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress as the NameIDFormat
Note: If you want to enable response encryption, you can use the same certificate that you use for signed requests.
To access your details:
- In Administration, navigate to Security > Single Sign-On.
- Select your IdP connection.
Your service provider information is:
|Service Provider information||Self-service Tab||Description|
|Anaplan X509 Certificate||Metadata||If your IdP validates the certificate used for the connection, download this certificate and provide it to your identity provider.|
|Assertion Consumer Service URL||Config||Also known as a Destination or Recipient URL. If you need to manually provide this URL to your IdP, use this value.|
|SP Metadata XML URL||Metadata||Provides most of the details of your single sign-on configuration in Anaplan. Use this URL to import this information into your IdP through their interface.|
|SP Sign-out URL||Metadata||If you need to manually provide a sign-out URL to your IdP, use this value.|