Perform the following steps to create a contract that matches what a trusted service provider is asking for in its authentication request.
On the Home page, click Identity Servers > [cluster name] > Authentication > Contracts > Plus icon.
Specify the following details:
|
Field |
Description |
|---|---|
|
Name |
Specify the name of the authentication contract. |
|
URI |
Specify a unique value. This value must match what the service provider is sending in its authentication request for the type. |
|
Methods |
Click Authentication Methods. Under Select Methods, select the method that matches the class or type you specified in URI. |
|
Authentication Level |
(Optional) Specify a security level or rank for the contract. This value is not used when authentication request sets the comparison type to exact. It is only used when a contract is selected based on a comparison of authentication levels. If the service provider sets the comparison type to minimum, the authentication level can be the same or higher. If the comparison type is set to better, the authentication level must be higher. |
Other fields for the contract are not requirements of an authentication request and can be configured to meet the requirements of Identity Server. For information about these fields, see Configuring Authentication Contracts.
Configure an authentication card for the contract. See Configuring Authentication Contracts.
Click Done > Save.
Update Identity Server.