Clone an instance with a SAML integration

Preserving SAML SSO-related settings can prevent the target instance from redirecting all authentication requests to the original IdP with the wrong issuer and audience parameters.

To preserve SAML settings, create data preservers for the following tables:
  • System Property [sys_properties]
  • X.509 Certificates [sys_certificate]
  • User [sys_user]

Preserve SAML properties

For a clone target instance to keep its existing SAML integration, you must edit the Core Instance Properties data preserver to include the SAML properties.

Before you begin

Role required: admin

Procedure

  1. Navigate to System Clone > Preserve Data.
  2. Select Core Instance Properties.
  3. Add the following Conditions.
    • [OR] [Name] [is one of] [glide.authenticate.external, glide.authenticate.external.logout_redirect, glide.authenticate.failed_requirement_redirect]
    • [OR] [Name] [starts with] [glide.authenticate.sso.saml2]
    • [OR] [Name] [starts with] [com.snc.integration.saml_esig]
    Note: Ensure the Theme check box is cleared so these properties are preserved regardless of whether you preserve the instance theme.
  4. Click Update.
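
To confirm after a clone that the preserver worked, the three conditions from step 3 can be applied to two exports of the target's sys_properties, one taken before the clone and one after. This check is an added example, not ServiceNow code; the snapshot format, the function names, and the property names containing "sample" are assumptions made for illustration.

```javascript
// Conditions from step 3 of the Core Instance Properties data preserver.
const EXACT_NAMES = new Set([
  'glide.authenticate.external',
  'glide.authenticate.external.logout_redirect',
  'glide.authenticate.failed_requirement_redirect',
]);
const PREFIXES = ['glide.authenticate.sso.saml2', 'com.snc.integration.saml_esig'];

// True when a sys_properties name matches any of the OR'ed conditions.
function isPreserved(name) {
  return EXACT_NAMES.has(name) || PREFIXES.some((p) => name.startsWith(p));
}

// Compare two {name: value} snapshots of the target instance and report every
// in-scope property that did not survive the clone unchanged.
function samlDrift(before, after) {
  const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
  const names = new Set([...Object.keys(before), ...Object.keys(after)]);
  const findings = [];
  for (const name of [...names].filter(isPreserved).sort()) {
    if (has(before, name) && !has(after, name)) {
      findings.push({ name, issue: 'missing after clone' });
    } else if (!has(before, name) && has(after, name)) {
      findings.push({ name, issue: 'introduced by clone' });
    } else if (before[name] !== after[name]) {
      findings.push({ name, issue: 'value changed' });
    }
  }
  return findings;
}

// Constructed sample snapshots (property suffixes and values are hypothetical).
const targetBefore = {
  'glide.authenticate.external': 'true',
  'glide.authenticate.sso.saml2.sample_issuer': 'https://target.example.invalid',
  'com.snc.integration.saml_esig.sample_enabled': 'true',
  'x.sample.unrelated': 'a',
};
const targetAfter = {
  'glide.authenticate.external': 'true',
  'glide.authenticate.sso.saml2.sample_issuer': 'https://source.example.invalid',
  'x.sample.unrelated': 'b', // changed, but outside the preserver conditions
};

console.log(samlDrift(targetBefore, targetAfter));
```

An empty result means every property covered by the conditions kept its pre-clone value on the target.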

Preserve SAML certificates

Preserve the SAML 2.0 certificate in the target instance so that the SAML integration continues working after a clone.

About this task

If you activated Multiple Provider Single Sign-On, the system has already created a data preserver for this table. Verify that it is correctly configured.

Procedure

  1. Navigate to System Clone > Preserve Data.
  2. Click New.
  3. Enter the following field values.
    Table 1. Data preserver field values
    Field        Value
    Table        X.509 Certificate [sys_certificate]
    Conditions   [Name] [starts with] [SAML 2.0]
  4. Click Submit.
    The system clone now preserves the SAML certificates.

Preserve SAML users

If the source instance does not include the SAML users that you log in with, create a data preserver for those users.

  1. Navigate to System Clone > Preserve Data.
  2. Click New.
  3. Enter the following field values.
    Table 2. Data preserver field values
    Field        Value
    Table        User [sys_user]
    Conditions   Enter the users you want to continue to log in from SAML.
  4. Click Submit.