Can I use an arbitrary string as SP entity ID while configuring Apigee Edge SSO?

Issue: I want to change the SP EntityID of the Apigee instance, which is not configurable and must be apigee-saml-login-opdk. For example, you may want to use two Apigee installations to authenticate against the same IDP, and this IDP (for example, SiteMinder) requires the SP EntityID to be unique for each SP application.


Yes, you can use any string as the Service Provider entity ID while configuring Apigee Edge SSO. Please follow the steps below.

  1. Finish SSO installation using the default value "apigee-saml-login-opdk" as Service Provider entity ID.
  2. Create / edit this cwc property file: /opt/apigee/customer/application/sso.properties
  3. Add the line conf_login_entityid=randomxyz123, where “randomxyz123” is a unique SP EntityID of the customer’s choice.
  4. Save the file.
  5. Restart the SSO component: apigee-service apigee-sso restart
  6. Change the SP EntityID and ACS URL on the IDP as below:
    1. SP EntityID: randomxyz123
    2. ACS URL / Single Sign On URL: http://apigee_sso_IP_DNS:9099/saml/SSO/alias/randomxyz123
  7. Also update any other elements on the IDP that contain the string "apigee-saml-login-opdk".
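
The file edit from steps 2 to 4 and the ACS URL from step 6, as an added example that is not part of the original reply or Apigee's own tooling. The function names and the character whitelist for the entity ID are assumptions of this example; the property name, file path, port and URL layout are the ones given in the steps above.

```shell
#!/bin/sh
# Added example: idempotent edit of conf_login_entityid plus the matching ACS URL.
# Function names and the allowed-character policy are assumptions of this example.

SSO_PROPS_DEFAULT=/opt/apigee/customer/application/sso.properties

# Accept only characters that are safe in a URL path segment (assumed policy),
# because the entity ID is also the last segment of the ACS URL.
valid_entity_id() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# set_entity_id ENTITY_ID [FILE]: replace or add the conf_login_entityid line.
set_entity_id() {
    id=$1
    file=${2:-$SSO_PROPS_DEFAULT}
    valid_entity_id "$id" || { echo "invalid entity ID: $id" >&2; return 1; }
    tmp=$(mktemp) || return 1
    # Drop every existing assignment so the key appears exactly once,
    # even when the function is run repeatedly.
    if [ -f "$file" ]; then
        grep -v '^[[:space:]]*conf_login_entityid=' "$file" > "$tmp" || true
    fi
    printf 'conf_login_entityid=%s\n' "$id" >> "$tmp"
    # Write through the existing file so its owner and mode are preserved.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# acs_url HOST ENTITY_ID: the value to register on the IDP (step 6).
acs_url() {
    printf 'http://%s:9099/saml/SSO/alias/%s\n' "$1" "$2"
}

# Usage on the SSO node, as a user allowed to edit the file:
#   set_entity_id randomxyz123 && apigee-service apigee-sso restart
#   acs_url apigee_sso_IP_DNS randomxyz123
```

Generating the ACS URL from the same string that was written to the file keeps the two values on the IDP and the property in agreement.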