Creating and replicating the IdP Catalog
Create the IdP Catalog (idpcat.nsf) and replicate it to any servers participating in SAML federated authentication. If you will enable Web, Notes, or Nomad federated login, also replicate it to the ID vault server.
About this task
Note the requirements for the IdP Catalog:
- You must use the file name idpcat.nsf and put the catalog in the data directory.
- Do not enable document locking on the catalog.
Procedure
- From the Domino® Administrator client, create the IdP Catalog application (idpcat.nsf), using the template with the file name idpcat.ntf.
CAUTION: If your server is running on UNIX™ or IBM® i, make sure the file name is all lower-case.
- Use a restrictive access control list (ACL). Assign access only to the Domino® ID vault server and to Domino® SAML administrator(s) who are trusted to manage security.
- Replicate the IdP Catalog to the other servers that participate in SAML authentication. These servers are automatically given access to the IdP Catalog, regardless of whether they have access through the ACL.
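The following shell function is an added example, not part of the product documentation. On a UNIX server it checks the two file-placement requirements above: the catalog must be named idpcat.nsf in all lower-case and must sit directly in the data directory. The function name and the data directory path passed to it are assumptions. The ACL and document-locking settings must still be reviewed in the Domino Administrator client.

```shell
#!/bin/sh
# Added example: verify IdP Catalog file name and location on a UNIX server.
# Usage: sh check_idpcat.sh /path/to/domino/data   (path is site-specific)

check_idpcat() {
    data_dir=${1%/}          # drop a trailing slash so path comparison is exact
    status=0

    # Requirement: exact lower-case file name, directly in the data directory.
    if [ -f "$data_dir/idpcat.nsf" ]; then
        echo "OK: found $data_dir/idpcat.nsf"
    else
        echo "MISSING: $data_dir/idpcat.nsf"
        status=1
    fi

    # Any other spelling (IdPCat.nsf, IDPCAT.NSF) or a copy in a subdirectory
    # does not satisfy the requirement and usually indicates a mistake made
    # when the application or replica was created.
    stray=$(find "$data_dir" -type f -iname 'idpcat.nsf' \
                 ! -path "$data_dir/idpcat.nsf")
    if [ -n "$stray" ]; then
        echo "MIS-CASED OR MISPLACED COPIES:"
        echo "$stray"
        status=1
    fi

    return $status
}

# Run the check only when a data directory is given on the command line.
if [ "$#" -gt 0 ]; then
    check_idpcat "$1"
fi
```

Run it on each server after replication; a non-zero exit status means the catalog is missing, mis-cased, or in the wrong directory on that server.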