libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-15485 Add option to enable SAML SP metadata signature

Browse source
This commit is contained in:
Luca Leonardo Scorcia 2020-09-15 19:11:57 +02:00 committed by Hynek Mlnařík
parent 4500dcbbc6
commit d4302c0b88
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
server_admin/topics/identity-broker/saml.adoc
View file

@ -65,6 +65,9 @@ You must define the SAML configuration options as well. They basically describe
|Validating X509 Certificate |Validating X509 Certificate
|The public certificate that will be used to validate the signatures of SAML requests and responses from the external IDP. |The public certificate that will be used to validate the signatures of SAML requests and responses from the external IDP.
|Sign Service Provider Metadata
|If true, it will use the realm's keypair to sign the <<_identity_broker_saml_sp_descriptor, SAML Service Provider Metadata descriptor>>.
|Pass subject |Pass subject
|Whether or not a `login_hint` query parameter should be forwarded to the IDP. When provided, this login_hint parameter is added to AuthnRequest's Subject. This allows destination providers to prefill their login form. When no login_hint is provided, nothing is forwarded as an AuthnRequest Subject. |Whether or not a `login_hint` query parameter should be forwarded to the IDP. When provided, this login_hint parameter is added to AuthnRequest's Subject. This allows destination providers to prefill their login form. When no login_hint is provided, nothing is forwarded as an AuthnRequest Subject.
|=== |===