Lookout Product Documentation


Intercept SAML

Security Assertion Markup Language (SAML) is an XML-based format that enables authentication and authorization between an identity provider and a service provider.

Click the toggle to enable Intercept SAML for Single Sign-On (SSO) configurations.

IMPORTANT: You must enable your client to use Server Name Indication (SNI) to connect with the Lookout gateway.

Enter the following information.



  1. Click +Add IdP and enter one or more IdP entity IDs.
    An IdP ID identifies the identity provider (also known as the Identity Assertion Validator). The identity provider can assert, to the system with which the user is trying to interact, that the identifier is known to the provider. The system can then validate the IdP assertion. You can enter up to 10 IdP entity IDs. For example, if you have three IdP servers, you can enter a separate IdP ID for each. Each IdP ID you add is listed in the table below the SAML Signing Certificate field.

    You can use the icons in the Action column at the right to edit information about each IdP ID or remove an IdP certificate you no longer need.

  2. Select an IdP validation certificate. This is the certificate to be used to validate the SAML assertion presented by the IdP.
    The proxy will use this certificate to make sure the original assertion is authentic before rewriting it. If you see the message No Certificates Found, click the Please upload Identity Certificate link, which will take you to the Certificate Management page. From there, you can import an identity certificate. For instructions, see Configuring and managing certificates.
  3. Select a SAML Signing certificate from the list.
    The proxy uses this to re-sign the SAML assertion after rewriting. To enter additional IdP IDs, click +Add IdP.
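
Before filling in steps 1 and 2, it helps to read the entity IDs and signing-certificate fingerprints straight from the IdP's SAML 2.0 metadata, so that the IDs you enter and the validation certificate you select match what the IdP actually publishes. The following is an added example, not Lookout code; the entity ID and certificate bytes are constructed placeholders, and the function names are hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"
MAX_IDP_IDS = 10  # limit stated in step 1 of this page

# Constructed sample: hypothetical entity ID, placeholder bytes instead of real certificates.
PLACEHOLDER_DER = b"constructed-placeholder-cert"
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/saml">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      {base64.b64encode(PLACEHOLDER_DER).decode()}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
    <KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      {base64.b64encode(b"constructed-encryption-cert").decode()}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def idp_entries(metadata_xml):
    """Return {entity_id: [SHA-256 fingerprints of its signing certificates]}."""
    if "<!doctype" in metadata_xml.lower():
        raise ValueError("DOCTYPE not allowed in SAML metadata")
    entries = {}
    for entity in ET.fromstring(metadata_xml).iter(MD + "EntityDescriptor"):
        idp = entity.find(MD + "IDPSSODescriptor")
        if idp is None:
            continue  # SP-only descriptor, nothing to enter as an IdP ID
        prints = []
        for key in idp.findall(MD + "KeyDescriptor"):
            if key.get("use") not in (None, "signing"):
                continue  # encryption-only keys never validate assertions
            for cert in key.iter(DS + "X509Certificate"):
                der = base64.b64decode("".join((cert.text or "").split()))
                prints.append(hashlib.sha256(der).hexdigest())
        entries[entity.get("entityID")] = prints
    return entries


def check_for_gateway(entries):
    """Return the entity IDs to enter, or raise on a count or certificate problem."""
    if len(entries) > MAX_IDP_IDS:
        raise ValueError(f"{len(entries)} IdP entity IDs exceed the limit of {MAX_IDP_IDS}")
    missing = [eid for eid, prints in entries.items() if not prints]
    if missing:
        raise ValueError(f"no signing certificate in metadata for: {missing}")
    return sorted(entries)
```

Compare each fingerprint with the SHA-256 fingerprint of the certificate you intend to select as the IdP validation certificate; a mismatch means the proxy would be checking assertions against a different key than the one the IdP signs with.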