3160963 - SAML - Which link will be used for the SPI

We always use the SAML login-page on our side, but now we want to send direct links to specific diagrams to our colleagues or spread the link on our intranet. Which link-structure do we have to use?

You have to activate the checkbox for the service provider initiated authentication in the beginning (Explorer - Setup - Manage Collaboration Hub authentication).

The next steps depend on your SAML-server:

ADFS

• Please execute following PowerShell command (as an administrator) on your ADFS:

  Get-AdfsRelyingPartyTrust -Identifier "editor.signavio.com"

  
  

• Search for the line "SignedSamlRequestsRequired" and check the value
• If the value is "False", continue with the steps for the other system (see below)
• If the value is "True", you have two options
  • Option 1:

    • You can change the value to "False" with following command:

      Set-AdfsRelyingPartyTrust -TargetIdentifier "editor.signavio.com" -SignedSamlRequestsRequired $false 
      

    • Continue with the steps for the other system (see below)
  • Option 2:
    • Get in contact with the Signavio Support (They will send you a new certificate, which has to be changed in the RelyingTrustParty and they will change something in the background of your workspace).

other system (e.g. Okta, Google, SAP)

• You can use two links for the SPI-Login:

https://editor.signavio.com/intralink/portal?t=<WorkspaceID>

You can find your Workspace ID under the "Workspace information" in the Help-menu.

https://editor.signavio.com/intralink/portal#/model/<ModelID>

→ Suggestion: replace the ModelID-parameter with the ID of your entry Point

Please note that customer of who are using the US or Australian infrastructure have to use app-us.signavio.com or app-au.signavio.com.

KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To

SAP Signavio Process Manager all versions ; Signavio Process Manager all versions