Installing the saml-support-service

First, in your helm override file, add saml-support-service to your list of services specified under moc.services:

moc: services: - sccs - core ... - saml-support-service

This should cause the saml support service kubernetes pod to be spun up with the next helm upgrade command.

Second, you’ll need to configure an ingress for the service and give it a ‘public’ (for your intranet) name so that both MOC and your SAML identity provider can speak to it.

If your kubernetes cluster is running in EKS, this can be done in the helm chart directly:

moc: albIngresses: saml-service-ingress: backendServiceName: saml-support-service backendServicePort: 8080 host: [your host name] certARN: [your ssl cert ARN]

In most cases, however, the ingress will need to be manually configured, as each cluster and kubernetes provider are slightly different.

Third, you’ll need to merge in the latest SCCS config files from the latest helm chart. The latest chart contains the necessary saml-support-service.yaml file, as well as a ‘ssoadapter’ profile section at the bottom of the application.yaml file where the specific SAML configuration can be filled out. After updating this configuration you’ll need to restart each of the MOC deployments to pull in the updated security configuration.