By: Guilherme Capilé user 08 Jul 2019 at 10:38 a.m. CDT

3 Responses
Guilherme Capilé gravatar
When trying to configure Dashlane as a SP, their documentation doesn't provide a SP metadata, but rather different URLs to setup: > IdP-agnostic general configuration settings: > Assertion Consumer Service (ACS) URL: https://ws1.dashlane.com/1/teamPlans/verifyAndAddMemberFromIdp > Relying Party Identifer: https://ws1.dashlane.com/1/teamPlans/verifyAndAddMemberFromIdp > Endpoint Trusted URL: https://ws1.dashlane.com/1/teamPlans/verifyAndAddMemberFromIdp > NameID: Email > Encryption: Do not encrypt SAML messages > Signing: Sign Assertions (only sign assertions) See <https://support.dashlane.com/hc/en-us/articles/212111089-Integrating-Dashlane-with-SAML-2-0> Is it possible to configure a TR with these settings? Should we ask for Dashlane's SP metadata instead? Thanks in advance, Guilherme Capilé

By Mohib Zico staff 09 Jul 2019 at 10:05 a.m. CDT

Mohib Zico gravatar
SP metadata is mandatory to create SAML Trust relationship. Either you can force SP to give you one or can write one simple one by yourself. [Here](https://gluu.org/docs/ce/3.1.6/integration/saas/google/#google-metadata) is one sample one.

By Guilherme Capilé user 09 Jul 2019 at 7:22 p.m. CDT

Guilherme Capilé gravatar
Ola, got it, I was able to create a matadata file. Now how can I create a link to Gluu specifically for authenticating for this service provider? For example, if I want a list of services, I click on a link, go to Gluu, authenticate and then I'm redirected to the service -- is this possible? Is it also possible to filter, based on the LDAP properties, which users are allowed to each service?

By Mohib Zico staff 12 Jul 2019 at 4:30 a.m. CDT

Mohib Zico gravatar
Ola, >> For example, if I want a list of services, I click on a link, go to Gluu, authenticate and then I'm redirected to the service -- is this possible? That's how SSO works. It's called "SP-initiated" SAML SSO. You don't need to do anything to achieve such from Gluu Server's side. - Just configure your SP to point your Gluu Server. - Configure your IDP with SP's metadata ( Create trust relationship / release attribute etc. ) - Test SSO. >> Is it also possible to filter, based on the LDAP properties, which users are allowed to each service? You can do that with attributes. Say.. some SP1 require a set of attributes, another SP2 require others etc.