SAP Knowledge Base Article - Public

3160963 - SAML - Which link will be used for the SPI

Symptom




We always use the SAML login-page on our side, but now we want to send direct links to specific diagrams to our colleagues or spread the link on our intranet. Which link-structure do we have to use?



Resolution


You have to activate the checkbox for the service provider initiated authentication in the beginning (Explorer - Setup - Manage Collaboration Hub authentication).

The next steps depend on your SAML-server:

ADFS

  • Please execute following PowerShell command (as an administrator) on your ADFS:

    powershellRDark


  • Search for the line "SignedSamlRequestsRequired" and check the value
  • If the value is "False", continue with the steps for the other system (see below)
  • If the value is "True", you have two options
    • Option 1:
      • You can change the value to "False" with following command:

        powershellRDark


      • Continue with the steps for the other system (see below)
    • Option 2:
      • Get in contact with the Signavio Support (They will send you a new certificate, which has to be changed in the RelyingTrustParty and they will change something in the background of your workspace).


other system (e.g. Okta, Google, SAP)

  • You can use two links for the SPI-Login:


https://editor.signavio.com/intralink/portal?t=<WorkspaceID>

You can find your Workspace ID under the "Workspace information" in the Help-menu.


https://editor.signavio.com/intralink/portal#/model/<ModelID>

→ Suggestion: replace the ModelID-parameter with the ID of your entry Point

Please note that customer of who are using the US or Australian infrastructure have to use app-us.signavio.com or app-au.signavio.com.



Keywords

KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To

Product

SAP Signavio Process Manager all versions ; Signavio Process Manager all versions