Configure Circle of Trust (COT):

Create Identity Provider (IDP) Host:

Log in to your IDP URL: using the amadmin account.

On the Common Tasks page, click Create Hosted Identity Provider.



Metadata Name is the unique URL for this Identity Provider; leave it as the default.

Enter a New Circle of Trust for this IDP, say: idp_cot

Click the Configure button, then click the Finish button on the next page.


You should now be able to get the metadata for your IDP from this URL:  The browser will display the metadata XML content. Save the page source; this is your IDP metadata XML.




Create Service Provider (SP) Host:

Log in to your SP URL: using the amadmin account.

On the Common Tasks page, click Create Hosted Service Provider.


Realm is your JDBC realm (the one we configured earlier); it is 2qvideo for me.

Name is the unique URL that the IDP will see; I leave it as the default.

New Circle of Trust is the name to identify this cot, I named it: 2qvideo_sp_cot


Click the Configure button to finish this page.

A pop-up window asks whether you want to create a remote identity provider. Click Yes if you have the IDP metadata ready, or No to do it later.

To configure the Remote Identity Provider, the SP needs the IDP metadata, either by URL or as a file. Since we have the IDP metadata URL, enter it in "URL where metadata is located": and click the Configure button.


Again, you can get your metadata by URL (the realm is the tricky part: enter realm=2qvideo at the end):


Your SP COT is now done. You can verify it by clicking on the Federation tab.



Let's come back to the IDP and finish off the IDP COT, because we now have the SP metadata.

Log back in to the IDP URL: with the amadmin user and go to the Federation tab.

Click Import in the Entity Provider section.



Enter the URL where metadata is located: and click the OK button.


Click on the idp_cot link to add this SP entity on the IDP COT:


Click Save. You now have a COT from IDP to SP and a COT from SP to IDP.
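
The metadata exchanged in the steps above decides which signing certificate and endpoints each side will trust, so it is worth checking a saved copy before importing it. The Python script below is an added example, not part of the original walkthrough and not OpenAM code; the function name check_metadata, the sample hostname, the endpoint path and the placeholder certificate are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def check_metadata(xml_text, role_name):
    """Findings for saved SAML 2.0 metadata; role_name is
    "IDPSSODescriptor" or "SPSSODescriptor"."""
    if "<!DOCTYPE" in xml_text:  # refuse DTDs: entity-expansion risk
        return ["DOCTYPE present, not parsed"]
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        return ["root element is not md:EntityDescriptor"]
    findings = [] if root.get("entityID") else ["missing entityID"]
    role = root.find("md:" + role_name, NS)
    if role is None:
        return findings + ["no %s in metadata" % role_name]
    # The peer verifies signatures with the certificate published here.
    certs = [k for k in role.findall("md:KeyDescriptor", NS)
             if k.get("use") in (None, "signing")
             and k.findtext(".//ds:X509Certificate", "", NS).strip()]
    if not certs:
        findings.append("no signing certificate")
    # Endpoints the browser is redirected or POSTed to should be HTTPS.
    for el in role:
        loc = el.get("Location")
        if loc and urlparse(loc).scheme != "https":
            findings.append("non-HTTPS endpoint: " + loc)
    flag = ("WantAuthnRequestsSigned" if role_name == "IDPSSODescriptor"
            else "WantAssertionsSigned")
    if role.get(flag) != "true":
        findings.append(flag + " is not true")
    return findings

# Constructed sample, not real OpenAM output; host, path and cert are placeholders.
SAMPLE_IDP = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="http://idp.example.com:8080/idp">
 <IDPSSODescriptor WantAuthnRequestsSigned="false"
     protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></KeyDescriptor>
  <SingleSignOnService Location="http://idp.example.com:8080/sso/redirect"
     Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""

if __name__ == "__main__":
    print("\n".join(check_metadata(SAMPLE_IDP, "IDPSSODescriptor")))
```

Run it against the XML you saved from the IDP (role IDPSSODescriptor) and from the SP (role SPSSODescriptor); an empty result means none of these checks fired, not that the metadata is authentic.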