Importing Service Provider Metadata

Provides steps for importing the service provider metadata into the GridGuard system

Obtain the metadata file

The service provider should be able to provide you with a metadata file that can be imported into the GridGuard system. A typical metadata file is shown above.

If a metadata file cannot be provided, the service provider should at a minimum provide you with the following:

  1. ACS URL
  2. Encryption Certificate

Creating the Service Provider configuration node

  1. Select the SAML Configuration option
  2. Right-click and select the '+ Add' option

Configuring the service provider node

Steps for configuring the service provider node:

  1. Provide a name used to identify the service provider node. Use a simple name containing only numbers, letters a-z, underscores and hyphens, as this name will be used as part of multiple URLs
  2. Specify the signing certificate that will be used to sign identity assertions that will be returned to the service provider
  3. If a metadata file has been provided to you, import the file by first selecting the file (+Choose) and then uploading it (using the Upload button). Importing the metadata should automatically populate values for the Entity ID and ACS URL
  4. If the metadata can be downloaded from a URL, specify the Import SP metadata URL and click the Go button to automatically import the configuration
  5. If no metadata file or URL has been provided, manually enter the Entity ID
  6. If no metadata file or URL has been provided, manually enter the ACS URL
  7. Set the validity time to the number of minutes the SAML session is valid for
  8. Set the realm to the GridGuard realm that will be used to authenticate the user
  9. Set the NameIdentifier to the value of the attribute that will be used to uniquely identify the user in the service provider's system
  10. Check if the identity assertion should be signed
  11. Check if the identity assertion should be encrypted
  12. If additional attributes need to be included in the identity assertion, provide a mapping of attribute names and values. For details on how to add additional attributes, please refer to this link.
  13. Click the '+ Add Service Provider' button to add the service provider
  14. Click 'Apply Changes' to apply configuration changes