IBM Tivoli Federated Identity Manager, Version 6.2.2

Using the Federation First Steps tool

You can use the Federation First Steps tool to create SAML 2.0 federations for Identity Provider and Service Provider roles.

About this task

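If you do not have an existing domain, the Federation First Steps tool also does the following tasks for you before creating a federation:

  • Creates a domain.
  • Deploys the runtime to the domain that the tool created.
  • Configures the runtime for the domain.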

The Federation First Steps tool is installed in <FIM install folder>/firststeps/fedfirststeps.

Procedure

  1. Use any of the following options to start the Federation First Steps tool:
    • In the installation wizard, the Launch the First steps console option check box is selected by default. Click Finish.
    • In the fedfirststeps directory, run fedfirststeps.exe or fedfirststeps to start the Federation First Steps tool.
    • Run the following commands in the command-line interface:
      • Microsoft Windows
        $FIM_Install/tools/fedfirststeps/fedfirststeps.exe 
      • UNIX
        $FIM_Install/tools/fedfirststeps/fedfirststeps 
  2. In the First Steps console Welcome page, click Start creating a federation. The Federation First Steps page opens.
  3. From the Federation First Steps Welcome page, click Start creating a Federation to open the Federation Templates tab. The Federation Templates page lists a set of protocol and role templates that you can use.
  4. From the Federation Templates page, select a template to start creating a federation.
  5. Click Apply. The Federation Properties page opens.
  6. In the Federation Properties page, enter a unique name for your federation. You can use only characters from the set 'a-z', 'A-Z', and '0-9'.
  7. Enter your point of contact URL either in http://.../sps or https://.../sps format. Click Next.

    If you are using the WebSEAL templates, follow these steps:

    1. Select Automatically configure WebSEAL as the point of contact server if you have Tivoli® Access Manager WebSEAL and Tivoli Access Manager Runtime for Java™ installed on the same machine as the Federation First Steps tool. Otherwise, manually configure WebSEAL. See Configuring a WebSEAL point of contact server for SAML federation for details.
    2. Fill out the rest of the fields in the panel if you have chosen to automatically configure WebSEAL as the point of contact server.
  8. Click Next.
  9. Review the summary information. Click Back if you want to change anything.
  10. Click Finish to start processing the task.
    Note: Click Details to view the trace information while the tool processes the federation task.
  11. Click OK.
  12. Choose any of the following options to configure your domain:
    1. If you have an existing domain, activate the domain in the Integrated Solutions Console:
      1. Log on to the console and select Tivoli Federated Identity Manager > Domains.
      2. Select your domain from the list, and click Make Active.
    2. If you do not have an existing domain:
      1. The Federation First Steps tool attempts to do the following tasks before creating a federation:
        1. Create a domain.
        2. Deploy the runtime to the domain that the tool created.
        3. Configure the runtime for the domain.
        Note: The Federation First Steps tool automatically creates a domain for you. To work on that domain from the Integrated Solutions Console in a browser, follow the manual steps below. The domain created by the tool is then listed in the console.
      2. Manually do the following steps from the Integrated Solutions Console:
        1. Log on to the console and select Tivoli Federated Identity Manager > Domains.
        2. Recreate the domain. Click Create to recreate a domain. See the IBM® Tivoli Federated Identity Manager Configuration Guide for instructions on creating a domain.
        3. At the end of the domain wizard, select the check box to make the domain active.
  13. View the details of the federation that you have created.
    1. Click Tivoli Federated Identity Manager > Configure Federated Single Sign-on > Federations.
    2. The Federations panel shows a list of configured federations. Select the federation.
    3. Click Properties to view properties for an existing federation.
    4. Select the properties to modify. Federation properties are described in the online help.
    5. When you have finished viewing or modifying the properties, click OK to close the Federation Properties panel.

