IdpDiscovery
Warning
This authenticator is a legacy authenticator. It is recommended to plan for migrating the authenticator to the new protocol agnostic authenticator architecture. More information about the legacy authenticators can be found here.
Note
Includes a subset of the SAML Discovery protocol. Primary usage is for internal SAML authenticators.
Properties
| Name | Description | Default value | Mandatory |
|---|---|---|---|
| allowLanguageChange | Meant for the rendering template. Controls whether language change is allowed/visible. | true | No |
| templateTitle | Meant for the rendering template. Use to override the default title. This parameter is localized | idpdiscovery.messages.information.title | No |
| templateBody | Meant for the rendering template. Use to override the default body. This parameter is localized | idpdiscovery.messages.information.body | No |
| template | Template that presents the UI to the user | idpdiscovery | No |
| idpList | List of IDPs to be shown. | N/A | Yes |
| spList | List of SPs allowed to query the service. Each id configured must be present in the "AUTHENTICATORS" and be represented by either SAMLServiceProviderAuthN or SAMLSPBroker. | N/A | Yes |
idpList configuration
The idpList option, which configures the selectable IDPs, has a complex structure: it is a JSON object. The following is an excerpt showing how one entry is configured, with a description of its keys and values.
| Name | Description | Default value | Mandatory |
|---|---|---|---|
| internalID | Internal id of the IDP. This is almost always the same value as the entityID. | N/A | Yes |
| image | URI where the image is located | N/A | No |
| icon | CSS icon class instead of image | N/A | No |
| sortorder | Selection sort order | N/A | No |
| displayName | Friendly display name | Name of the authenticator | No |
Example Configuration
```json
{
  "alias" : "disco",
  "name" : "IdpDiscovery",
  "id" : "disco",
  "configuration" : {
    "templateTitle" : "Custom Title",
    "allowLanguageChange" : "true",
    "spList" : [ "myapps", "mapps2" ],
    "idpList" : [ {
      "internalID" : "auth2",
      "displayName" : "This is the display name",
      "sortOrder" : "10"
    }, {
      "internalID" : "auth1",
      "displayName" : "This is the display 2"
    } ]
  }
}
```
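A pre-deployment check of the rules in the property tables (mandatory `spList` and `idpList`, SP ids that must resolve to a SAML SP authenticator, mandatory `internalID`), as an added example that is not part of the product or its documentation. It assumes the AUTHENTICATORS section is a list of objects shaped like the example, with the authenticator type in `name`; `lint_idp_discovery` and the sample data are hypothetical.

```python
import json

# Authenticator types the page allows for spList entries.
SP_TYPES = {"SAMLServiceProviderAuthN", "SAMLSPBroker"}
# Keys documented for one idpList entry, spelled as in the page's table.
# The page's own example uses "sortOrder"; confirm the casing the product expects.
IDP_KEYS = {"internalID", "image", "icon", "sortorder", "displayName"}


def lint_idp_discovery(disco, authenticators):
    """Return a list of findings for one IdpDiscovery authenticator object."""
    findings = []
    conf = disco.get("configuration", {})
    # Assumption: each authenticator has an "id" and its type in "name".
    by_id = {a.get("id"): a.get("name") for a in authenticators}

    # spList and idpList are the two mandatory properties.
    for key in ("spList", "idpList"):
        if not conf.get(key):
            findings.append(f"{key}: mandatory property missing or empty")

    # Every SP allowed to query must exist and be a SAML SP authenticator.
    for sp in conf.get("spList", []):
        if sp not in by_id:
            findings.append(f"spList: '{sp}' is not a configured authenticator")
        elif by_id[sp] not in SP_TYPES:
            findings.append(f"spList: '{sp}' has type {by_id[sp]}, expected a SAML SP")

    for i, idp in enumerate(conf.get("idpList", [])):
        if not idp.get("internalID"):
            findings.append(f"idpList[{i}]: internalID is mandatory")
        for key in sorted(set(idp) - IDP_KEYS):
            findings.append(f"idpList[{i}]: '{key}' is not a documented key")
    return findings


# Constructed sample: a variant of the page's example plus a hypothetical
# AUTHENTICATORS list in which "mapps2" is not a SAML SP authenticator.
DISCO = json.loads("""{"id": "disco", "name": "IdpDiscovery", "configuration": {
  "spList": ["myapps", "mapps2"],
  "idpList": [{"internalID": "auth2", "sortOrder": "10"}, {"displayName": "x"}]}}""")
AUTHENTICATORS = [DISCO,
                  {"id": "myapps", "name": "SAMLServiceProviderAuthN"},
                  {"id": "mapps2", "name": "ExampleNonSamlAuthenticator"}]

if __name__ == "__main__":
    print("\n".join(lint_idp_discovery(DISCO, AUTHENTICATORS)))
```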
Requirements
- SAML module deployed
- User selection is returned in the selectedIDP parameter.
- The SAML SP return URL is taken from the store, NOT from the return parameter in the request.