This topic describes how to create an identity provider (IdP). You must create an IdP before you implement role-based SSO.


  1. Log on to the RAM console with an Alibaba Cloud account.
  2. In the left-side navigation pane, click SSO.
  3. On the Role-based SSO tab, click Create IdP.
  4. Specify the IdP Name and Note parameters.
  5. Click Upload under Metadata File to upload the SAML metadata file.
    Note The SAML metadata file, usually in the XML format, is provided by your IdP. The file contains the logon URLs, public key for verifying SAML assertions, and assertion format.
  6. Click OK.