This topic describes how to create an identity provider (IdP). You must create an IdP before you implement role-based single sign-on (SSO).


  1. Log on to the RAM console by using your Alibaba Cloud account.
  2. In the left-side navigation pane, click SSO.
  3. On the Role-based SSO tab of the page that appears, click Create IdP.
  4. In the panel that appears, specify IdP Name and Note.
  5. Click Upload under Metadata File to upload the SAML metadata file.
    Note The SAML metadata file is provided by your IdP. The file is typically in the XML format and contains the logon URLs, public key used to verify SAML assertions, and assertion format.
  6. Click OK.