Configuring Lexmark Cloud Services

From the Account Management web portal, click Organization > Authentication Provider > Configure an Authentication Provider.

From the Domains section, type the domain of the identity provider, and then click Add.

From the Authentication Provider Type menu, select SAML.

From the SAML Authentication Provider section, select Without Metadata URL.

From the Single Sign‑On Settings section, type the correct information in the following fields:

• Service provider entity ID

Note:  The default Lexmark Cloud Services entity ID is https://idp.iss.lexmark.com. Make sure that the Entity ID in Azure matches the Entity ID in the Lexmark Cloud Services portal.

• SSO target URL—The login URL of the Azure enterprise application that you created.
• SSO Logout URL—This URL determines the behavior when a user logs out of the Lexmark Cloud Services portal.
• If you want the user logged out of your Azure tenant completely, then type the logout URL of the Azure enterprise application that you created.
• If you want the user to be signed out only of Lexmark Cloud Services, then type another URL. The URL can point to a page that you maintain (“You have successfully logged out”) or you can use the appropriate Lexmark Cloud Services login page for your organization. Depending on your location, the URL can be https://idp.us.iss.lexmark.com or https://idp.eu.iss.lexmark.com.

From the SSO name identifier format menu, select E‑mail address.

In the Certificate field, copy and paste the base‑64 certificate key from the token‑signing certificate of the identity provider.

If you instead have a metadata.xml file containing the URLs and certificate data, add the header and footer manually.

-----BEGIN CERTIFICATE---- MIIC8DCCAdigAwIBAgIQdzA… -----END CERTIFICATE-----

Click Configure Authentication Provider.

Note:  Do not exit the Lexmark Cloud Services portal or allow it to time out. You may be unable to log in to correct any problems you discover while testing.