Custom SAML resources were developed for SSO to things like your VLE, G Suite or Adobe Creative Cloud. You can also use them for peer to peer access to SAML resources that have not yet got enough subscribers to benefit from membership of a federation (which makes thing much easier for all parties). In both situations this should work for any SAML target that adheres to the SAML 2 core specification (http://saml2int.org/profile/current).
Because SAML requires a resource to have a unique identifier (entityID) they can only be added at the domain level.
Custom SAML resources will appear in reports alongside regular and proxy resources.
Add a new custom SAML resource
As the domain administrator go to the custom tab of the resource catalogue and click the add button. Choose the SAML option.
You are first asked for the resource's metadata and you can supply the URL or upload a file:
This creates the resource but it may not have the friendliest of names at this point as the name is drawn from the metadata and it will fall back to the entityID. If you click on the name in the resource catalogue you can edit the name, description and logo if you need to.
Custom SAML resources are identified in the catalogue with a 'SAML' tag:
You will almost always need to tell the other application about your own metadata or endpoints before it will work,
Manage an existing custom resource
As well as being able to edit names and descriptions, custom SAML resources have two additional tabs which allow you to upload a second certificate or update the metadata.
Updating the metadata will overwrite any customisations you have made to other fields so should be done only when necessary.
Delete a custom resource
From the catalogue, click on the resource title to bring up its details page and click on the trash button next to the save button.
Allocate a custom SAML resource
Custom SAML resources can be allocated to permission sets in the same way as any other resource or custom resource.