This topic describes how to configure metadata for role-based single sign-on (SSO) to make sure that your identity provider (IdP) is trusted by Alibaba Cloud (service provider).
Conventions for policy syntax
The metadata file of your IdP is obtained. The metadata file is in the XML format. The metadata file contains the logon URLs, the public key that is used to verify SAML assertions, and the assertion format.
Procedure
Log on to the Resource Access Management (RAM) console with an Alibaba Cloud account.
In the left-side navigation pane, choose .
On the Role-based SSO tab, click the SAML tab and click Add IdP.
On the Create IdP page, configure IdP Name and Remarks.
In the Metadata File section, click Upload File to upload the metadata file that is obtained from your IdP.
Click OK.
What to do next
Create a RAM role for role-based SSO. For more information, see Create a RAM role for a SAML IdP.