hint:Public PEM-encoded X.509 signing certificate. If the provider has multiple certificates that are valid, join them together using the | pipe symbol.
hint:Public PEM-encoded X.509 signing certificate. If the provider has multiple certificates that are valid, join them together using the | pipe symbol.
multiline:true
multiline:true
order:4
order:4
privateCert:
privateKey:
type:String
type:String
title:Private Certificate
title:Private Key
hint:(Optional) - PEM formatted key used to sign the certificate.
hint:PEM formatted key used to sign the certificate.
multiline:true
multiline:true
order:5
order:5
decryptionPvk:
decryptionPvk:
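Review bot: The rename from `privateCert:` to `privateKey:` changes the key under which this setting is stored, so a value saved under `privateCert` by an existing installation will not be read under the new name unless the strategy code falls back to the old key or a migration copies it; neither is visible in this hunk. The new hint also drops "(Optional)" without saying whether the field is now required, and "used to sign the certificate" reads oddly for a field now titled "Private Key". Suggest rewording the hint to state what is actually signed with this key and whether it may be left empty.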
@ -52,53 +52,88 @@ props:
- sha1
- sha1
- sha256
- sha256
- sha512
- sha512
digestAlgorithm:
type:String
title:Digest Algorithm
hint:Digest algorithm used to provide a digest for the signed data object
hint:If enabled, add WantAssertionsSigned="true" to the metadata, to specify that the IdP should always sign the assertions.
default:false
order:21
acceptedClockSkewMs:
acceptedClockSkewMs:
type:Number
type:Number
title:Accepted Clock Skew Milleseconds
title:Accepted Clock Skew Milleseconds
hint:Time in milliseconds of skew that is acceptable between client and server when checking OnBefore and NotOnOrAfter assertion condition validity timestamps. Setting to -1 will disable checking these conditions entirely.
hint:Time in milliseconds of skew that is acceptable between client and server when checking OnBefore and NotOnOrAfter assertion condition validity timestamps. Setting to -1 will disable checking these conditions entirely.
default:-1
default:0
order:9
order:22
disableRequestedAuthnContext:
disableRequestedAuthnContext:
type:Boolean
type:Boolean
title:Disable Requested Auth Context
title:Disable Requested Auth Context
hint:If enabled, do not request a specific authentication context. This is known to help when authenticating against Active Directory (AD FS) servers.
hint:If enabled, do not request a specific authentication context. This is known to help when authenticating against Active Directory (AD FS) servers.
default:false
default:false
order:10
order:23
authnContext:
authnContext:
type:String
type:String
title:Auth Context
title:Auth Context
hint:Name identifier format to request auth context.
hint:Name identifier format to request auth context.
hint:If enabled, the initial SAML request from the service provider specifies that the IdP should force re-authentication of the user, even if they possess a valid session.
hint:If enabled, the initial SAML request from the service provider specifies that the IdP should force re-authentication of the user, even if they possess a valid session.
default:false
default:false
order:12
order:26
passive:
type:Boolean
title:Passive
hint:If enabled, the initial SAML request from the service provider specifies that the IdP should prevent visible user interaction.
default:false
order:27
providerName:
providerName:
type:String
type:String
title:Provider Name
title:Provider Name
hint:Optional human-readable name of the requester for use by the presenter's user agent or the identity provider.
hint:Optional human-readable name of the requester for use by the presenter's user agent or the identity provider.
default:wiki.js
default:wiki.js
order:13
order:28
skipRequestCompression:
skipRequestCompression:
type:Boolean
type:Boolean
title:Skip Request Compression
title:Skip Request Compression
hint:If enabled, the SAML request from the service provider won't be compressed.
hint:If enabled, the SAML request from the service provider won't be compressed.
default:false
default:false
order:14
order:29
authnRequestBinding:
authnRequestBinding:
type:String
type:String
title:Request Binding
title:Request Binding
hint:Binding used for request authentication from IDP.
hint:Binding used for request authentication from IDP.
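Review bot: On `acceptedClockSkewMs`, the default moves from `-1` to `0`, which per the hint takes the validity-timestamp checks from disabled to enforced with zero tolerance. Enforcing by default is the safer direction, but an upgraded installation whose IdP clock drifts even slightly will start rejecting assertions, so either note the change for upgraders or choose a small positive default. While this prop is being touched, fix the title typo "Milleseconds" and the hint's "OnBefore", which should be the SAML condition attribute `NotBefore`. The new option whose hint mentions WantAssertionsSigned ships with `default:false`; say in the hint what is still verified when it is left off, so an admin can judge whether leaving it disabled is acceptable.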