Configuring the ID vault for federated login
The Domino® ID vault administrator sets up the vault to specify the name of the IdP Catalog document for the SAML identity provider (IdP).
About this task
The ID vault administrator must approve the use of an IdP that will provide SAML credentials. The ID vault administrator decides which IdP is trustworthy. Only credentials from a trusted IdP can be used for downloading an id file stored in this ID vault. The administrator supplies host names for identity provider (IdP) partnerships to the ID vault in a vault document. The vault server uses the host names to look up IdP information from the IdP Catalog application (idpcat.nsf).
You might specify more than one entry in the list of approved IdP configurations if you need more than one IdP federation to handle the volume of user logins. If you add more than one entry into the list of Notes federated login approved IdP configurations, then at user login time, one of the approved IdP configurations will be chosen at random to be used to authenticate the user.