Allow clients to access the signing certificate for the identity domain in IAM without logging in to an identity domain.
-
Open the navigation menu and select Identity & Security. Under Identity, select Domains.
-
Click the name of the identity domain that you want to work in. You might need to change the compartment to find the domain that you want.
-
Select Settings and then select Domain settings.
-
Under Access signing certificate, select Configure client access to enable clients to access the tenant signing certificate without signing in to IAM.
If this option is cleared, clients can access the tenant signing certificate and the SAML metadata only after they authenticate by signing in to the identity domain.
-
Select Save changes.
-
In the overview page for the identity domain overview, select Copy next to the Domain URL in Domain information.
-
In a new browser tab, paste the URL you copied and add
/fed/v1/metadata
https://<domain_url/fed/v1/metadata