To Configure SAML

Make sure to configure your SAML provider setting up your Anypoint Platform organization as your audience.
Set the assertion consumer service to send a POST request to https://anypoint.mulesoft.com/accounts/login/receive-id.
Log into the master Organization in Anypoint Plaform as Administrator.
In Anypoint Platform, click Access Management > External Identity.
From Identity Management, select SAML 2.0.

The External Identity - Identity Management SAML 2.0 form appears.
Fill in the following required fields:
- Sign On URL
  
  This redirect URL provided by the IdP for sign in. For example, https://example.com/sso/saml.
- Sign Off URL
  
  URL to redirect sign out requests, so users both sign out of the Anypoint Platform and have their SAML user’s status set to signed out.
- Issuer
  
  ID of the identity provider instance that sends SAML assertions.
- Public Key
  
  Public key provided by the identity provider, used to sign the SAML assertion.
- Audience
  
  An arbitrary string value that identifies your Anypoint Platform organization. The typical value for this string is <organizationDomain>.anypoint.mulesoft.com.
Expand Advanced Settings, and optionally fill in the following fields.
- Username Attribute
  
  Field name in the SAML AttributeStatements that maps to username. By default, the 'NameID' attribute of the SAML 'Subject' in the SAML assertion is used.
- First Name Attribute
  
  Field name in the SAML AttributeStatements that maps to First Name.
- Last Name Attribute
  
  Field name in the SAML AttributeStatements that maps to Last Name.
- Email Attribute
  
  Field name in the SAML AttributeStatements that maps to Email.
- Group Attribute
  
  Field name in the SAML AttributeStatements that maps to Group.
Save your configuration.
Sign out and then navigate to the Sign On Url entered above and sign in via your identity provider to test the configuration.