SAML Using the Loginapp REST UI with SAML

Airlock IAM may be configured as a SAML identity provider (IDP) and service provider (SP). This article provides hints how to configure the Loginapp REST UI for IAM as IDP.

The Loginapp REST UI cannot yet be used as SAML SP. The feature is planned for release 7.7.

SAML IDP configuration for the Loginapp REST UI

The SAML IDP is configured mainly in the Loginapp REST API: see 17.2.6. SAML IDP setup with the Loginapp REST API.

The following configuration steps are necessary in addition to the above mentioned REST API configuration:

  • 1.
    Go to:
    Loginapp >> UI Settings >> Authentication UIs
  • 2.
    Flow UIs: make sure there is an Authentication & Authorization UI for every configured SAML SP target application. There are no SAML-specific settings in the UI plugin.
  • 3.
    If SAML SLO (single logout) is used, configure the On Logout property as follows:
    • Use the SAML2 Single Logout Config plugin
    • Define a specific Default Target URI if required. It is used if no Location parameter is present or if it is not valid for SAML SLO.