This section covers the configuration fields required to integrate your corporate identity provider (IdP) with ZTP using the SAML method. It also provides step-by-step instructions for integrating common IdPs, including Okta, Azure AD, and OneLogin.
The following table describes the fields available on the SAML configuration page.
*Required field
| Field | Description |
|---|---|
| Name* | The name of the IdP option displayed on the ZTP Cloud Console login page after configuration. |
| Audience* | The value that must match the Audience or Entity ID configured on the IdP. |
| XML Metadata File | An optional file provided by the IdP that contains the SSO URL and public certificate. Upload this file to automatically populate the SSO URL, Issuer, and Public Certificate fields. |
| SSO URL* | The IdP URL that receives SAML requests from ZTP. Obtain this value from the IdP configuration. |
| Issuer* | A unique string that identifies the provider issuing the SAML request. Obtain this value from the IdP configuration. |
| Public Certificate | The public certificate that ZTP uses to validate SAML assertions from the IdP. Obtain this value from the IdP configuration. |
| Email Attribute* | The name of the attribute in the SAML assertion that contains the user's email address. |
| First Name Attribute* | The name of the attribute in the SAML assertion that contains the user's first name. |
| Last Name Attribute* | The name of the attribute in the SAML assertion that contains the user's last name. |
| Username Attribute* | The name of the attribute in the SAML assertion that contains the username. |