Some configuration may be performed on the SSO Configuration screen rather than in the yaml. In particular, the ws-trust settings may be configured either in the yaml or on the screen. Configuring ws-trust on the sceen makes it possible to have different settings for different tenants. The various ws-trust settings are discussed in the SSOLogonDef section below.
The SAML claims used by ws-trust are always taken from the yaml; the SAML claims on the SSO Configuration screen are only used for OIDC.
This screen may also be used, (cloud only) to upload the IDP’s federation metadata file to EAM, and to download the cloud server’s metadata file (sp.xml). The latter is used to configure the IDP (relying party or application).