Once you save your single sign-on (SSO) connection, Anaplan generates information for you to share with your identity provider (IdP) as part of the configuration process.
Anaplan information includes:
- A URL to a metadata file for the Anaplan service provider information.
- An Anaplan X.509 certificate for you to share with your IdP.
- A service provider sign-out URL.
- An Assertion Consumer Service (ACS) URL.
Anaplan requires that your identity provider:
- Sign all SAML responses.
- Support urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress as the NameIDFormat.
Note: If you want to enable response encryption, you can use the same certificate that you use for signed requests.
To access your details:
- In Administration, navigate to Security > Single Sign-On.
- Select your IdP connection.
Your service provider information can be found in either the Metadata tab or Config tab.
|Service provider information
|Anaplan X.509 Certificate
|If your IdP validates the certificate used for the connection, download this certificate and provide it to your identity provider.
|Assertion Consumer Service URL
|Also known as a Destination or Recipient URL. If you need to provide this URL manually to your IdP, use this value.
|SP Metadata XML URL
|Provides most of the details of your single sign-on configuration in Anaplan. Use this URL to import this information into your IdP through their interface.
|SP Sign-out URL
|If you need to manually provide a sign-out URL to your IdP, use this value.