You can integrate a SAML application in Zextras in two ways — automatic and manual. The following sections describe each method in detail.
To integrate a SAML application into Zextras automatically, you need to configure the IDP using the Zextras SAML SDP data, which can be obtained from the following URI:
Here, ZIMBRA_PUBLIC_URL is the URL of the Zextras instance and example.com is the domain for which you want to enable SAML.
Above all, the following parameters must be taken into account:
"sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
Once the IDP is configured and you have the IDP metadata URL, you can import the configuration using the command (assuming the IDP metadata are in https://localidp.local.loc/simplesamlphp/saml2/idp/metadata.php):
zxsuite auth saml import example.com URL https://localidp.local.loc/simplesamlphp/saml2/idp/metadata.php
If the IDP is using an unsecured connection or a self-signed certificate, use this command instead:
zxsuite auth saml import example.com url https://localidp.local.loc/app/xxxxxxxxxxxxxxx/sso/saml/metadata allow_insecure true
The integration is now complete, and the SAML button is visible.
If you need to manually edit the SAML configuration, follow these steps:
Export the default SAML settings using:
zxsuite auth saml get example.com export_to /tmp/saml.json
Open the resulting file /tmp/saml.json in any editor and modify the attributes you want to change.
Save the changes made to the file and import it into Zextras Suite using the command:
zxsuite auth saml import example.com /tmp/saml.json
It is also possible to view or edit single attributes by using the