Skip to main content
Skip table of contents

Connecting Service Providers

Service Providers are applications, platforms and digital services that require Authentication and Authorization of Users. This page provides an overview of Service Providers pre-configured in
The pre-configured Service Providers are configured during the first time installation of and cannot be deleted nor modified.
Additional Service Providers can be added by clicking "Add new SP" in the top-right corner of the Admin Portal.





User defined name of the Service Provider


The type of Service Provider.
Following types are supported:

  • SAML2

  • SAML2 Upload XML 

  • Proxy Locations

  • OAUTH Client

  • API

  • WS Federation


Path that indicates where the Service Provider is located.  


Hostname of the server (if another server than the Admin Portal Server is used). Subdomain and domainname.  
If not provided, this server hostname is used.


User defined description of the Service Provider

Principal Subject

Defines how the user is identified.  Can have 3 values

  • TrustBuilder User ID: An internal identifier (database ID) of the user in the TrustBuilder repository.

  • Anonymous: The user is not identified

  • User Attribute: The user is identified by a specific attribute. This attribute is defined as "Subject" (see below).


If the Principal Subject is "User Attribute" this will define which attribute will be used as subject in messages to this Service Provider

Applies for SAML, OAuth, WS Federation


Unique identifier of the Service Provider, given by the system. Only used between systems and workflows.

Sorting, filtering and changing columns

The initial SP page is a list of all the current SPs in the system.  The list can be sorted by clicking the column headings. One click to  sort descending and click again to sort ascending.

The order of columns can be changed by dragging and dropping the column headings.

The list of Service Providers can be filtered, by typing in the text boxes under each column header.

Columns can be hidden by clicking the 3 bar settings button on the  right after the last column heading. This will open a menu. If a column  name is ticked it is visible if there is a cross before the name then  the column is hidden. To toggle the states click the ticks and crosses.

All of these settings are stored in the local storage of the browser  to persist the state between pages and visits to the application. If the local storage is cleared these settings are lost.

Editing a Service Provider

Button (icon)


Edit  SP (pencil)

Configure the endpoints, subject, certificates, etc.
The configuration parameters depend on the type of Service Provider that is selected.

Edit Authorizations (Shield)

Define the Access Policies to this Service Provider.

Edit Identity (Person)

Configure the Attributes that are used by this Service Provider.

Edit SP Settings (Wrench)

Configure the Branding (logo) of this Service Provider.

Include header value and sessionid in logback

In this example we will add a custom header and the current sessionid to the logback pattern.

For starters we will add the header into the Nginx configuration. In this case we're crafting a unique request id for each incoming request. This might be useful to extract the logs of one single request.

Add this line to the nginx config:

proxy_set_header              X-Request-Id $request_id;

Change the TrustBuilder context to add that header to the logged headers

<Environment name="LOG_HEADERS" value="X-Request-Id,Host,X-Some-Other-Header-I-Want-To-Log" type="java.lang.String" override="false"/>

Change the logback configuration to log the session ID and the request header (or the host header, or both). All the headers can be accessed via the pattern %X{H_CASESENSITIVEHEADERNAME}

<Pattern>[%d{dd-MM-yyyy HH:mm:ss.SSS}] [%X{H_X-Request-Id}] [%X{JSESSIONID}] [%thread] %-5level %logger{36} - %msg %n</Pattern>

After restarting the gateway and Tomcat, the new settings are applied.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.