Skip to main content

Securing MarkLogic Server

SAML Authentication

If you use SAML authentication, set the fields described in this section.

Screenshot of the SAML server fields

Field	Description
`saml entity id`	SAML entity id (as a URL). Required if authorization is SAML. For details on creating and inserting a SAML entity, see Defining and Inserting a SAML Entity
`saml destination`	The URL that identifies the Identity Provider to accept the authentication request.
`saml issuer`	The URL that identifies the Service Provider (MarkLogic Server).
`saml assertion host`	The URL that identifies the host making the assertion
`saml idp certificate authority`	The certificate used to validate the signature in the authentication request.
`saml sp certificate`	The certificate used to sign the authentication request.
`saml sp private key`	The private key used to sign the authentication request.
`saml attribute name`	One or more SAML attribute names. Optional when authorization is SAML. These names will be requested as part of the attribute query and mapped as appropriate to internal MarkLogic Server roles.
`saml privilege attribute name`	SAML privilege attribute name. Optional when authorization is SAML. If specified, the name will also be requested as part of the attribute query and mapped to MarkLogic Server privileges.

When you have finished configuring MarkLogic Server for external security, click ok.

In this section: