SAMLNias
Warning
This authenticator is a legacy authenticator. It is recommended to plan for migrating the authenticator to the new protocol agnostic authenticator architecture. More information about the legacy authenticators can be found here.
Note
Authenticate using Net iD Access server. Typically used by SITHS, EFOS and custom CA clients.
Properties
| Name | Description | Default value | Mandatory |
|---|---|---|---|
| idpID | The iternal identifier of the idp used | N/A | Yes |
| mappingProperty | Property to use when other user identifier is used than the CN on the issued certificate | N/A | No |
| pipeID | ID of the pipe executef after approved NIAS login | N/A | Yes |
| loginTemplate | Template used when redering UI | nias.template | No |
| samlAuthMethod | The value put as AuthnContextClassRef in the assertion issued | urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig | No |
| endPoint | HTTP/HTTPS location of the NIAS backend server | N/A | Yes |
| nias_keystore_ID | The keystore to use for mutual TLS with NIAS server | N/A | No |
| userMapPipe | If using somthing else than personal number a pipe can be used to translate user id to pernonal number | N/A | No |
| enableHoneypot | Used by the UI template to enable/disable bot protection | true | No |
| templateVariables | Custom config for temaple rendering | N/A | Yes |
| sendSAMLResponseOnError | Whether or not a SAMLResponse containing an error response should be sent back to the SP upon an internal authentication error. | false | No |
| strictValidation | Whether or not additional validation checks should be made on the SAMLRequest. | false | No |
| resolveSAMLRequestProperties | Whether or not request properties from the SAML AuthnRequest should be resolved before proceeding with the authentication. Typically used at the start of an authentication flow. | false | No |
Example Configuration
{
"id": "cc5a1005-e4d9-4dd1-89aa-bcffbbaae519",
"description": "niassaml",
"alias": "niassaml",
"name": "SAMLNias",
"displayName": "niassaml",
"configuration": {
"pipeID": "ecff89d7-7069-4c6c-b086-33d2df6253fd",
"idpID": "be81000d-ab8b-43b4-a076-18152489e81f",
"endPoint": "https://path_to _server/ServiceServer.asmx",
"templateVariables": {
"cancel_href": "/saml/authenticate/logout/pope/?nextTarget=/saml/authenticate/niassaml",
"methods": [{
"title": "netid.messages.buttons.nias_od",
"data-toggle-action": "OD"
},
{
"title": "netid.messages.buttons.nias_sd",
"data-toggle-action": "SD"
}
]
}
}
}
Requirements
A configured Net iD Access server configured.