latest--saml-schema

The URL of the page the user will be redirected to by the plugin. Input varies based on the user.

The path that identity provider will post is relative to current API. Varies from user to user

Enables find user in the SAML response attribute statement and always differs between SAML plugin users

Acts in place of the default username attribute

Acts in place of the default roles attribute

A path to X509 certificate file in PEM format which contains a public key which matches the X509 certificate/key returned by Identify Provider(e.g ADFS).

A secret string for using in conjunction with private key for generating the HMAC signature in the JWT

Validates the signature in JWT token

Used for encrypting the JWT payload

Provides information which is sent to the SAML IDP and which the IDP may take action on.

The HTTP verb that the Authentication request redirection form will be sent with.

Acts in place of the default lastName attribute

Determines which authentication request is sent

Custom XML to send to the IDP. Must be valid against https://tinyurl.com/atv7c8n

Disable validation of the signature.

EAS SAML responses contain 2 signatures and ADFS/AZURE AD SAML responses contain one signature.

The issuer value in the EAS authentication request.

The assertion consumer url in the EAS authentication request

Allow tokens that use an algorithm of NONE.

An encrypted token (JWE) when returning a token to the caller.

Prevent data from being posted (POST/PUT) through the Gateway without a token

Number of seconds before the token (and cookie) time-out

Number of seconds before the authentication session times-out