Overview
Configure Maverics to use 1Kosmos as an IDP using the SAML protocol.
Configure Identity Fabric
Use a Secret Provider
Production deployments should use a secret management system. Maverics integrates with several secret management systems, which store the secrets that Orchestrator instances retrieve at startup. To reference a secret from your provider, enclose its name in angle brackets (e.g. `<app client-id>`).
Learn more about Secret Providers
Name | Description | Example |
---|---|---|
Name | The friendly name of your provider. | onekosmos |
Metadata URL | The metadata URL from the application configured in the SAML provider. This setting also accepts a file:/// URI if the metadata file is saved on a filesystem accessible to the Orchestrator user. | |
Consumer Service (ACS) URL | The URL that the SAML provider will use to POST the SAML response. The Maverics SAML ACS handler is served on this URL, so it should not conflict with the path of any application resources. The path can be arbitrary (e.g. /maverics-saml or /saml-handler), but must match the provider's configuration for the specified Entity ID. | |
Identifier (Entity ID) | The unique Enterprise Application identifier. | |
```json
{
  "connectors": [
    {
      "name": "onekosmos",
      "type": "onekosmos",
      "samlMetadataURL": "https://example-com.1kosmos.net/default/metadata",
      "samlConsumerServiceURL": "https://maverics.example.com/1k-acs",
      "samlEntityID": "https://example.com"
    }
  ]
}
```

```yaml
connectors:
  - name: onekosmos
    type: onekosmos
    samlMetadataURL: "file:///etc/maverics/samlmetadata.xml"
    samlConsumerServiceURL: "https://maverics.example.com/1k-acs"
    samlEntityID: "https://example.com"
    errorPage: "https://example.com/login-error"
```
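A pre-deployment check for the connector settings described in the table above, as an added example (not Maverics or 1Kosmos code). It uses the field names from the page's configuration; the `APP_PATHS` list, the function names, and the reading of "conflict" as "equal to or nested under an application path" are assumptions.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: the page's connector with two mistakes introduced on purpose
# (plain-HTTP metadata URL, ACS path nested under an application path).
SAMPLE = """{"connectors": [{
  "name": "onekosmos", "type": "onekosmos",
  "samlMetadataURL": "http://example-com.1kosmos.net/default/metadata",
  "samlConsumerServiceURL": "https://maverics.example.com/app/login",
  "samlEntityID": "https://example.com"}]}"""

# Assumption: path prefixes already served by protected applications.
APP_PATHS = ["/app", "/api"]

def lint_connector(conn, app_paths):
    """Return a list of findings for one connector dict."""
    findings = []
    # Metadata normally carries the provider's signing certificate, so it should
    # arrive over TLS or from a local file (the file:/// form the page allows).
    meta = urlsplit(conn.get("samlMetadataURL", ""))
    if meta.scheme == "file":
        if meta.netloc or not meta.path.startswith("/"):
            findings.append("samlMetadataURL: file URI must be file:///absolute/path")
    elif meta.scheme != "https" or not meta.netloc:
        findings.append("samlMetadataURL: expected https:// or file:///")
    # The SAML response is POSTed to the ACS URL; it must be HTTPS and must
    # not shadow a path that belongs to an application.
    acs = urlsplit(conn.get("samlConsumerServiceURL", ""))
    if acs.scheme != "https" or not acs.netloc:
        findings.append("samlConsumerServiceURL: expected an absolute https:// URL")
    acs_path = acs.path.rstrip("/") or "/"
    for prefix in app_paths:
        p = prefix.rstrip("/")
        if acs_path == p or acs_path.startswith(p + "/"):
            findings.append(f"samlConsumerServiceURL: path {acs_path} conflicts with {prefix}")
    if not conn.get("samlEntityID"):
        findings.append("samlEntityID: missing")
    return findings

def lint_config(text, app_paths=APP_PATHS):
    """Lint every onekosmos connector in a JSON config; returns {name: findings}."""
    cfg = json.loads(text)
    return {c.get("name", "?"): lint_connector(c, app_paths)
            for c in cfg.get("connectors", []) if c.get("type") == "onekosmos"}

if __name__ == "__main__":
    for name, findings in lint_config(SAMPLE).items():
        print(name, findings or "ok")
```

The check cannot confirm that the ACS URL and Entity ID match what is registered on the 1Kosmos side; compare those values against the provider's application configuration separately.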