Complete the steps in this section if you want to use Web federated login or Notes federated login. After enabled, iNotes users and Notes client users, respectively, access the Notes ID file in the ID vault without being prompted for the password. If your IdP is ADFS, you can also configure Integrated Windows Authentication (IWA) so that iNotes users or Notes clients users aren't prompted for the IdP name and password.

Before you begin

• Complete the steps in the section Preparing for SAML authenticationComplete the steps in this section before you configure SAML authentication in Domino.
• If you enabled basic SAML authentication for Web servers, complete the procedure Testing basic SAML authenticationTest basic SAML authentication to ensure that SAML authentication works for accessing web applications. .

To configure federated login, complete the steps in this section.

1. Creating an ID vault server IdP configuration document
This configuration document is used for both Notes federated login and Web federated login.

2. Exporting the ID vault server configuration to an .xml file
Complete this task to export the configuration information in an ID vault server IdP configuration document to an xml file, ServiceProvider.xml. Then, you can import it into the Relying party trust (ADFS) or partnership (TFIM) to fill in the Domino information automatically.

3. Setting up a Relying Party Trust for the ID vault server
Set up a Relying Part Trust in Active Directory Federated Services (ADFS) for the Domino ID vault server. These procedures describe steps for ADFS 3.0 and ADFS 4.0.

4. Configuring the ID vault for federated login
The Domino ID vault administrator sets up the vault to specify the name of the IdP Catalog document for the SAML identity provider (IdP).

Help on Help

All Help Contents

Help on Help