In the dialog that appears, complete Option 1 to download the IdP metadata, and keep this for the Bread & Butter setup below.
Note: The X.509 Certificate will expire in 5 years. Set a reminder for yourself to generate a new Certificate before it expires. If the Certificate expires, your users will no longer be able to log in with the provider
For ACS URL, enter the following:
For Entity ID, choose a unique name
Leave Start URL blank
For Name ID Format, choose EMAIL.
Under Attribute Statements, add the following entries (case sensitive):
Add email, and choose the value Primary Email from Basic Information
Add first_name, and choose the value First Name from Basic Information
Add last_name, and choose the value Last Name from Basic Information
Your app information should now be displayed. Expand the User Access section.