Once you save your single sign-on (SSO) connection, Anaplan generates information for you to share with your identity provider (IdP) as part of the configuration process.

Anaplan information includes:

  • A URL to a metadata file for the Anaplan service provider information.
  • An Anaplan X.509 certificate for you to share with your IdP.
  • A service provider sign-out URL.
  • An Assertion Consumer Service (ACS) URL.

Anaplan requires that your identity provider:

  • Sign all SAML responses.
  • Support urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress as the NameIDFormat.

Note: If you want to enable response encryption, you can use the same certificate that you use for signed requests.

To access your details:

  1. In Administration, navigate to Security > Single Sign-On.
  2. Select your IdP connection.
    Your service provider information can be found in either the Metadata tab or Config tab.
Service provider informationLocationDescription
Anaplan X.509 CertificateMetadataIf your IdP validates the certificate used for the connection, download this certificate and provide it to your identity provider.
Assertion Consumer Service URLConfigAlso known as a Destination or Recipient URL. If you need to provide this URL manually to your IdP, use this value.
SP Metadata XML URLMetadataProvides most of the details of your single sign-on configuration in Anaplan. Use this URL to import this information into your IdP through their interface.
SP Sign-out URLMetadataIf you need to manually provide a sign-out URL to your IdP, use this value.