> ## Documentation Index
> Fetch the complete documentation index at: https://auth0.com/llms.txt
> Use this file to discover all available pages before exploring further.

> Learn how to configure SiteMinder as a SAML identity provider for use with Auth0.

# Configure SiteMinder as SAML Identity Provider

Configure SiteMinder as a <Tooltip tip="Security Assertion Markup Language (SAML): Standardized protocol allowing two parties to exchange authentication information without a password." cta="View Glossary" href="/docs/glossary?term=SAML">SAML</Tooltip> <Tooltip tip="Security Assertion Markup Language (SAML): Standardized protocol allowing two parties to exchange authentication information without a password." cta="View Glossary" href="/docs/glossary?term=identity+provider">identity provider</Tooltip> by completing the following steps.

## Prerequisite

You must have a [SiteMinder](https://www.siteminder.com/login/) account.

## Configure SiteMinder settings

When configuring SiteMinder, you will use the default values for most options. You will also need the following Auth0-related values in the configuration steps below:

* **EntityID:** `urn:auth0:{yourTenant}`
* **Assertion Consumer Service URL:** `https://{yourDomain}/login/callback`
* **Logout URL:** `https://{yourDomain}/logout`
* **HTTP-Redirect** binding for SAML Request
* **HTTP-POST** binding for SAML Response

1. Log into [SiteMinder](https://www.siteminder.com/login/).
2. Open the **SAML Service Provider Dialog**.
3. Provide an appropriate name for this service provider.
4. Define the `NameIdentifier`. There are many ways of generating this for users authenticating with SiteMinder. Typically you will map this value to one of the user properties in the User Directory as `uid`.
5. Configure the service provider general SAML properties:

| Setting          | Description              |
| ---------------- | ------------------------ |
| **SP ID**        | `urn:auth0:{yourTenant}` |
| **SAML Version** | 2.0                      |
| **Skew Time:**   | 30 seconds               |

6. Configure the **Assertion Consumer Service URL** which is the location where SiteMinder will POST back the SAML token. This Service Provider ({yourTenant}) only supports the `HTTP-POST` binding for SAML Responses. Use:
   `https://{yourDomain}/login/callback`
7. Check the **HTTP-Post** box.
8. Configure additional user properties to send in the token. Add any other properties you wish to share about the authenticated user to this Service Provider. Common values are: `name`, `lastname`, `email address`, and so on. This Service Provider will use the `NameIdentifier` defined previously as a unique handle of the user. These attributes will be treated as reference information.
9. Enter the **SLO Location URL:**`https://{yourDomain}/logout`
10. (Optional) The service provider supports encryption of assertions.
    To use this option, do the following to download the Service Provider public key certificate.

    1. In the Auth0 Dashboard, click on **Connections** and then **Enterprise.**
    2. Click on SAMLP Identity Provider.
    3. Click on the setup icon (pencil).
    4. In the window which appears, the seventh (last) bullet gives you links to download the .pem or .cer format certificate.
    5. Download the desired certificate and add it to the SiteMinder **Policy Server Keystore**.