Before you implement role-based single sign-on (SSO), you must create a Security Assertion Markup Language (SAML) identity provider (IdP). This topic describes how to create, view, modify, and delete a SAML IdP.
Create a SAML IdP
Before you create a SAML IdP, make sure that you have obtained the metadata file of the IdP. The metadata file is in XML format and contains the logon URLs, the public key that is used to verify SAML assertions, and the assertion format.
Log on to the Resource Access Management (RAM) console as a RAM administrator.
In the left-side navigation pane, choose .
On the Role-based SSO tab, click the SAML tab and click Create IdP.
On the Create IdP page, configure IdP Name and Description.
In the Metadata File section, click Upload Metadata File to upload the metadata file that is obtained from your IdP.
Click Create IdP.
View the basic information about a SAML IdP
Log on to the RAM console as a RAM administrator.
In the left-side navigation pane, choose .
On the Role-based SSO tab, click the SAML tab and click the IdP whose basic information you want to view.
In the Basic Information section, view the basic information about the IdP, such as IdP Name, IdP Type, Created At, Updated At, ARN, and Description.
Modify the basic information about a SAML IdP
You can modify only the description and metadata file.
Log on to the RAM console as a RAM administrator.
In the left-side navigation pane, choose .
On the Role-based SSO tab, click the SAML tab and click the IdP whose basic information you want to modify.
Modify the basic information about the SAML IdP:
To modify the IdP description, click Edit to the right of Description.
To upload another metadata file, click Replace Metadata File.
Warning: Upload a valid metadata file that you obtained from the IdP. Otherwise, single sign-on (SSO) fails.
Delete a SAML IdP
Log on to the RAM console as a RAM administrator.
In the left-side navigation pane, choose .
On the Role-based SSO tab, click the SAML tab. Then, find the SAML IdP that you want to delete and click Delete IdP in the Actions column.
In the Delete IdP message, click Delete IdP.
Warning: After you delete a SAML IdP, role-based SSO cannot be implemented between your business system and RAM.