If you are not familiar with setting up SAML service provider in DualShield, please refer to the wiki below:
Integrate with SAML-enabled services
In the DualShield Admin Console, navigate to "SSO | Servicer Providers"
Click "Create" to create a new service provider
SSO Server | Select the Single Sign-on Server that will serve this new service provider |
Application | Select the application that you have created for this Power App |
Name | Enter a descriptive text |
Type | Choose "SAML 2.0" |
Metadata | see below |
SAML Options | Enable "Sign on SAML Assertion" |
Follow the instruction below to create the metadata data
Create the Service Provider (SP) metadata for a Power App using the following template:
<?xml version="1.0" encoding="UTF-8" ?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://power-app-service-provider-realm">
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
<AssertionConsumerService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="https://power-app-assertion-consumer-service-url"
index="0" isDefault="true">
</AssertionConsumerService>
<SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location=""/>
</SPSSODescriptor>
</EntityDescriptor>
Replace the following text
- power-app-service-provider-realm
- power-app-assertion-consumer-service-url
with the Power App's real settings as illustrated below:
Below is a real example:
Click "Create Metadata"
Copy and Paste the metadata
Click "Save"
Click "Attribute"
Click "Create"
Location | Choose "HTTP Body" |
Name | Enter "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" |
Format | Choose "urn-oasis:names:tc:SAML:2/.0:attrname-format-unspecified" |
Maps to | Select "Email" |
Return in Response | Enabled |
Click "Save"
Click "Save"