Create SAML Application for Single Sign-On(SSO)

This page explains how to create application using SAML-based Single Sign-On (SSO).

Follow the steps below to create application

  • Then, go to Configuration > Applications page in the Mirket Portal.

  • To create a new application Add Application button on the top right corner. The application creation process consists of seven steps. In the first step, fill in the fields according to the following instructions:

  • Application Name: Enter a name for the application.

  • Application Logo: Upload your company's logo.

  • Protocol: Select your protocol from the dropdown list. For fortigate integration SAML V2 protocol is need be select.

  • IDP initiated: When this option is enabled, the system supports IdP-initiated Single Sign-On (SSO).

  • After filling in the required fields, click the Next button to proceed to the next step. In the second step, select the users, groups or external sources to which the application will apply. Transfer your selections to the Selected Users/Groups/External Sources table by clicking the arrow icon next to the Available Users/Groups/External Sources table.

  • Once the addition process is completed, click the Next button to proceed to the next step. In the third step, copy the URL values from the Mirket Portal and paste them into the corresponding fields under the IdP Settings section on the SAML Single Sign-On > Advanced Options page in Fortigate, as specified below: IdP Entity ID: Enter the Identifier (Entity ID) value from the Mirket Portal. IdP single sign-on URL: Enter the Single Sign-On URL value from the Mirket Portal. IdP single logout URL: Enter the Single Log-Out URL value from the Mirket Portal. Note: You can also download the Meta Data XML file from the Mirket Portal.

  • After entering the values, return to the Mirket Portal, click the Next button to proceed to the next step. In the fourth step, Click the Show Certificate button.

Download the Identity Provider (IdP) Certificate and Upload It to the Application

  1. On the page that opens, click Download Certificate to obtain the IdP certificate file (usually in .crt or .pem format).

  2. In your application's SAML configuration settings, navigate to the IdP Settings or Certificate Management section.

  3. Locate the IdP Certificate or Identity Provider Certificate field.

  4. If the field provides a dropdown or upload option, click the Import or Upload button.

  5. Select the downloaded certificate file and complete the import.

⚠️ The exact location and naming of these settings may vary depending on the application. Refer to your application’s SAML or identity provider configuration documentation if needed.

Configure Service Provider (SP) Details in the Mirket Portal

  1. After uploading the certificate, return to the Mirket Portal and click Next to proceed.

  2. In your application’s SAML configuration interface, locate the SP Details section. This is typically found under a SAML Settings, Service Provider Configuration, or Advanced Options area.

  3. Copy the following URL values from your application’s SP configuration and paste them into the corresponding fields in the Mirket Portal:

    • Identifier (Entity ID): Enter the SP Entity ID provided by the application.

    • Reply URL (Assertion Consumer Service URL): Enter the SP ACS (login) URL.

    • Sign-On URL: Enter the SP login or portal URL.

    • Log-Out URL (Optional): Enter the SP SLS (logout) URL, if available.

💡 Field names and locations may vary depending on the application. Refer to the application’s SAML or identity provider documentation if unsure.

Configure Attribute Mapping

  1. After entering the SP details, click Next to proceed to the Attribute Mapping step.

  2. In this step, specify which user attribute from your Identity Provider (IdP) should be sent to the application (Service Provider) during SAML authentication.

  3. For each attribute you want to map:

    • Select the attribute name expected by the Service Provider (e.g., NameID, email, username, Display Name).

    • Enter the corresponding value or attribute name as provided by your IdP. This could be a claim or user property such as user.email, user.principalName, or user.givenname.

  4. Ensure the attribute values match what the application expects to successfully identify and authorize users.

🔄 Attribute names and expected formats may differ across applications. Refer to the target application's SAML documentation for required attributes.

  • After filling in the required field, click the Next button to proceed to the final step. In the seventh step, select the service provider role, and then choose the groups or external sources you want to assign to this role.

  • After filling in the required field, click the Save button. Then, the application will be successfully created.

PreviousApplicationsNextUser Portal

Last updated