- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-22-2017 04:41 AM
Hi,
My customer is using IBM Federation Identity Manager for WebSSO, i believe there is currently no documented integration with ISE so does mean the integration is not possible or it's just a non-supported integration? If the later, how do we export the SAML metadata file?
Thanks,
Brad
Solved! Go to Solution.
- Labels:
-
Identity Services Engine (ISE)
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-22-2017 05:11 AM
Which version of ISE are you using? If 2.1 and above, then all SAMLv2 compliant Identity Providers are supported.
If you are asking how to export the metadate file from your IBM Federation Identity Manager, check out this link: IBM Knowledge Center
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-22-2017 05:11 AM
Which version of ISE are you using? If 2.1 and above, then all SAMLv2 compliant Identity Providers are supported.
If you are asking how to export the metadate file from your IBM Federation Identity Manager, check out this link: IBM Knowledge Center

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-22-2017 07:31 AM
Right to expand we only can validate and document a limited number of integration guides. If the system supports SAML 2.0 then it should work if they are following standards.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2017 07:32 PM
Thanks for the responses. They are on ISE 2.2.
So a couple of questions:
1. How do we export the metadata from ISE?
2. How do we import the IBM metadata into ISE?
Do we have any documentation on this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-25-2017 04:21 AM
There is nothing to export from ISE. Once the metadata from IBM is uploaded to ISE, the Identity lookups can happen.
For the ISE Side, follow the link below and scroll down to the section titled SAML v2 Identity Provider as an External Identity Source.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-25-2017 03:51 PM
Going over the steps in the ISE Admin Guide in Steps 11, 12 and 13 it mentions exporting the metadata file from ISE but you're saying there's nothing to export from ISE. So do we ignore these steps or am i missing something?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-25-2017 04:17 PM
Yes, you are correct that we should download the zip file containing the metadata file for each of the ISE portals configured with SSO. If the IdP (e.g. PIngFederate or ADFS) allows to import the metadata for an SP, then download that from ISE and upload it to the IdP. Otherwise, open up the file and extract the values needed and configure them in the IdP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-26-2017 05:04 AM
Bradley Ford wrote:
Going over the steps in the ISE Admin Guide in Steps 11, 12 and 13 it mentions exporting the metadata file from ISE but you're saying there's nothing to export from ISE. So do we ignore these steps or am i missing something?
You are 100% correct. You do have to export from ISE, i apologize for my haste.
hslai, thank you for your answer.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-25-2017 07:02 AM
you can use one of the existing documented providers here to help you with some guidance as well
If you come up with some notes for this provider please share as this is a community
