Wallix Access Manager, SAML 2.0 configuration

Prerequisite

You should have created an "Organisation" on your Wallix AM or use the default "global" organisation (the latter is not recommended).

This organisation will be used for your SAML configuration; it appears in your HTTPS portal address "https://mywallix.address.com/wabam/organisation?", where organisation is the name of the organisation you created.

Creating the inWebo SAML connector

Downloading inWebo SAML 2.0 metadata needed for your Wallix AM configuration

  • Add a SAML 2.0 connector in your administration console for your service.
  • Ignore the “Service provider” configuration and click the ADD button to add the connector without any settings
  • Download inWebo Idp SAML 2.0 metadata in XML format

Wallix Access Manager configuration

In the Wallix AM, select the SAML Identity Providers option available under the Configuration tab.
Click on the +Add button, located at the top-right hand corner of the page, to add a new identity provider.

Completing the "Service Provider" tab

Select the "service provider" tab

  • In the field "WAB-AM Entity Id", enter your future WAB Access Manager portal address,
    e.g. https://mywallix.address.com/wabam/organisation?domain=SAML
    (here "organisation" refers to the organisation previously created on your WAB Access Manager,
    and the "SAML" domain will be specified in the "Domain" tab of this configuration).
  • Set the Sign Messages option to “YES” and generate the Signing Key & Certificate

Uploading the inWebo metadata file in the "Identity Provider" tab

Next, select the Identity Provider tab to configure the inWebo identity provider settings.

  • Upload the inWebo IdP metadata by clicking on the Upload icon

After importing the inWebo metadata, the following information is read from the metadata file and should match the SAML 2.0 connector information displayed in the inWebo administration console.

Select Redirect binding in the "SSO Binding Type" option.

Completing the "Domain" tab

Select the Domain tab to configure the SAML domain and provisioning attributes.


  • Fill in the Domain Name field. This is the domain that will appear in the HTTPS address; it must match the domain given in the "WAB-AM Entity Id" configuration
    (in the "WAB-AM Entity Id" example above, the domain is set to SAML)
  • In Default Profile, select the default profile SAML users will have (refers to the profiles configured under WAB-AM Configuration/Profiles)
  • Attributes: click on the Pencil icon to add the provisioning attribute settings (see below)

SAML Attributes configuration

  • For the Login Attribute select "uid" or "login"
  • For the Email Attribute select "mail"
  • You can configure a Profile Attribute to be provided by inWebo (e.g. wabam_profile); otherwise all users will use the "Default Profile" configured in the previous step

These attributes must match the inWebo Administration console SAML connector configuration that will be done in the following steps.
Click the "Save" button twice when you have completed the configuration.

Downloading Service provider Metadata from your Wallix AM

The SP metadata file can be downloaded once the SAML Identity Provider entity has been saved. Edit the SAML Identity Provider you just created and click the Download button in the Service Provider tab.
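Before uploading either metadata file to the other side, it helps to confirm that it carries the values each console must display. The Python helper below is an added example, not part of this guide or of the Wallix or inWebo products: it parses an IdP or SP metadata file and reports the entityID, the HTTP-Redirect SSO endpoint (needed because Wallix AM is set to the Redirect binding), the signing certificates, and whether AuthnRequestsSigned is set (the effect of Sign Messages = YES), and it checks that a WAB-AM Entity Id has the https://host/wabam/organisation?domain=... shape used above. The sample IdP metadata and hostnames are constructed for illustration, not real inWebo output.

```python
# Added example: sanity-check SAML 2.0 metadata before uploading it to the other side.
# The sample metadata at the bottom is constructed for illustration, not real inWebo output.
import re
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
# Shape of the WAB-AM Entity Id used in this guide: https://<host>/wabam/<organisation>?domain=<domain>
ENTITY_ID_RE = re.compile(r"https://([^/]+)/wabam/([^/?]+)\?domain=([^&#]+)")


def parse_wabam_entity_id(entity_id):
    """Return (host, organisation, domain), or None if the Entity Id is not of the expected shape."""
    m = ENTITY_ID_RE.fullmatch(entity_id or "")
    return m.groups() if m else None


def summarize_metadata(xml_text):
    """Pull out the values that must match what the other console displays."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    sp = root.find("md:SPSSODescriptor", NS)
    role = idp if idp is not None else sp
    if role is None:
        raise ValueError("no IDPSSODescriptor or SPSSODescriptor in metadata")
    info = {"entity_id": root.get("entityID"), "role": "IdP" if idp is not None else "SP",
            "redirect_sso_url": None, "authn_requests_signed": None}
    # KeyDescriptors with an X.509 cert usable for signing (no 'use' attribute means signing + encryption).
    info["signing_certs"] = sum(
        1 for kd in role.findall("md:KeyDescriptor", NS)
        if kd.get("use", "signing") == "signing"
        and kd.find("ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS) is not None)
    if idp is not None:
        # Wallix AM is set to the Redirect binding, so the IdP must publish that endpoint.
        for sso in idp.findall("md:SingleSignOnService", NS):
            if sso.get("Binding") == REDIRECT:
                info["redirect_sso_url"] = sso.get("Location")
    else:
        # "Sign Messages = YES" on the Service Provider tab shows up as this attribute.
        info["authn_requests_signed"] = sp.get("AuthnRequestsSigned") == "true"
    return info


SAMPLE_IDP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>MIIB...CONSTRUCTED-PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
      Location="https://idp.example.test/saml/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""
```

Run summarize_metadata() on the downloaded inWebo IdP file and on the Wallix SP file and compare the printed values with the two consoles; a missing redirect_sso_url or authn_requests_signed == False points at a tab that was not saved.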

Completing inWebo SAML connector configuration

Updating Wallix AM SP metadata

On the inWebo SAML 2.0 connector configuration, copy/paste the SP metadata XML you downloaded from your Wallix AM into section 2 of the connector configuration:


Click Update

inWebo Attributes configuration

Complete your SAML configuration with the same attributes entered in your Wallix AM Attributes configuration.

If you want inWebo to provide the user profile, add another attribute (e.g. wabam_profile) that returns the attribute value based on "User groups" or "User extrafield".
Click Update and close your inWebo connector configuration.

Create an inWebo Secure Site

On the Secure Site tab, click "Add a Secure Site of type ..." and choose the SAML 2.0 connector you just created from the list.

Choose a name and configure "Called URL" to be your "WAB-AM Entity ID" configured above.

Testing the SAML access

Your service will be available at the address configured above as "Called URL":
https://**************/wabam/organisation?domain=SAML

You'll be redirected to MyinWebo.com for authentication.


With a valid authentication you'll access the WAB Access Manager.