After the SSO Server has been configured and identified as a type of SAML, Anaplan generates metadata to be sent on to the client. This metadata describes the Anaplan SAML service to the client IdP and how to set up the SAML URL endpoints. Many SAML IdPs automatically configure from metadata files. This is defined as the SAML Circle of Trust.
The Metadata includes:
- The Anaplan public certificate.
- The Anaplan EntityID (https://sdp.anaplan.com). This is so the client IdP will accept Anaplan traffic.
- The External ID as defined by Anaplan Support. For example, YourCompanySAML. This is so Anaplan can identify that the client server is configured within the Anaplan environment.
As soon as the SSO server and metadata has been generated, Anaplan sends the client:
- The friendly URL, which in this example is Location="https://sdp.anaplan.com/frontdoor/saml/<External Id>.
- Metadata as an XML file.