Edit an Application

About this task

Note: This procedure only applies to on premises deployments of SOTI MobiControl or SOTI Connect.

To edit an existing application that's connected to SOTI Identity:

Procedure

  1. In the SOTI Identity Admin Console, open the main menu in the top left and select Applications.
  2. Select the application that you want to edit and click the Edit icon in the Application Actions menu bar.
  3. In the Edit Application dialog box, edit the application details.
    Field Description
    Application Name Enter a name for this application.
    Application Logo Logos are optional. Drag an image file to use as a logo, or select Change Logo to browse your file system for an image file.

    Image files can be a maximum of 1MB and 300 × 300 px.
    Description Add a description for this instance (maximum of 120 characters). A description is helpful to distinguish multiple instances of the same application type managed by a single SOTI Identity account.

    The Description also appears in the application tile in the SOTI ONE Portal.
  4. Review the application's metadata.
    Important: Do not edit the metadata manually or you will break the connection between SOTI Identity and the application.

    The metadata is automatically generated when you connect the application to SOTI Identity.

    If you need to update the connection between SOTI Identity and SOTI MobiControl or SOTI Connect , generate a new client secret in SOTI Identity and then update it on the application side. Read View the Credentials of an Application for instructions on how to get a new client ID.

    1. SOTI Identity automatically populates metadata fields if you upload a metadata file or enter a link (URI) to a metadata file.
      Field Description
      Application Metadata Type Choose how SOTI Identity exchanges metadata with the application.
      • File
      • URI
      Application Metadata File Upload a SAML metadata file for SOTI Identity to use to exchange metadata with the application.

      SOTI Identity will automatically populate any relevant metadata fields from the content it receives from this file.

      Note: This option is only available when File is selected as the Metadata Type.
      Application Metadata URI Enter the URI where SOTI Identity can receive metadata with the application.

      SOTI Identity will automatically populate any relevant metadata fields from the content it receives from this URI.

      Note: This option is only available when URI is selected as the Metadata Type.
    2. This metadata section handles general SAML settings.
      Field Description
      SAML Audience A URL or unique string that indicates the audience of the assertion.
      SAML Consumer URL A URL that indicates the endpoint of the service provider who handles (or consumes) the assertion.
      Recipient A URL that indicates the recipient of the assertion.

      Generally, this is the same value as the SAML Consumer URL unless your application service requires a specific value.
      Relay State A URL for a custom landing page. Application users are redirected to this page after they authenticate to the SAML Consumer URL.

      Service provider initiated environments may leave this field blank and users are automatically returned to their initial page.
      Log Out URL A URL that indicates the destination of logout requests.
    3. This metadata section handles settings for the SAML request.
      Field Description
      Is Request Signed? Turn on to force SAML requests to be digitally signed when sent to the application service provider.
      Request Signing Certificate Upload a public signing certificate to sign the SAML request from the application service provider to SOTI Identity.
    4. This metadata section handles settings for the SAML response.
      Field Description
      Is Response Signed? Turn on to force SAML responses (or assertions within the response) to be digitally signed when sent to the application service provider. Messages require a digital signature to verify they were created by SOTI Identity.
      Signature Element Choose a signature element type:
      • Assertion
      • Response

      The chosen signature element is signed in the SAML response to be sent to the application service provider.
      Signature Algorithm Choose an algorithm for the signature:
      • SHA-1
      • SHA-256
      • SHA-384
      • SHA-512

      The algorithm is used to sign the SAML response.
      Include SOTI Identity Signing Certificate Turn on to include the SOTI Identity signing certificate in the SAML response.
      Is Assertion Encrypted? Turn on to encrypt the assertion sent to the application service provider.
      Encryption Algorithm Choose an algorithm to encrypt the SAML response:
      • TRIPLEDES-CBC
      • AES-128-CBC
      • AES-192-CBC
      • AES-256-CBC
      Name ID Format Choose the format that SAML should use to process the assertion's subject statement:
      • Unspecified
      • Email ID
      • Persistent
      • Transient

      Choose Unspecified unless the application explicitly requires another format.
  5. Turn on Make it mandatory to assign roles if you want to block application users from being assigned an application without a corresponding user role.
    If a user is assigned an application but no role, they have no access to the application.
  6. Click Update to save your changes.

Results

The application will be updated with your new settings.