libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions
keycloak-scim/securing_apps/topics/saml/java/general-config/idp_singlelogoutservice_subelement.adoc
Stian Thorgersen 8a36a4b28a Prepare to move to single repository
2017-02-14 10:05:15 +01:00

47 lines
2.1 KiB
Text
Raw Blame History

===== IDP SingleLogoutService sub element
The `SingleLogoutService` sub element defines the logout SAML endpoint of the IDP. The client adapter will send requests
to the IDP formatted via the settings within this element when it wants to logout.
[source,xml]
----
<SingleLogoutService validateRequestSignature="true"
validateResponseSignature="true"
signRequest="true"
signResponse="true"
requestBinding="redirect"
responseBinding="post"
postBindingUrl="posturl"
redirectBindingUrl="redirecturl">
----
signRequest::
Should the client sign logout requests it makes to the IDP? This setting is _OPTIONAL_.
Defaults to whatever the IDP `signaturesRequired` element value is.
signResponse::
Should the client sign logout responses it sends to the IDP requests? This setting is _OPTIONAL_.
Defaults to whatever the IDP `signaturesRequired` element value is.
validateRequestSignature::
Should the client expect signed logout request documents from the IDP? This setting is _OPTIONAL_. Defaults to whatever the IDP `signaturesRequired` element value is.
validateResponseSignature::
Should the client expect signed logout response documents from the IDP? This setting is _OPTIONAL_. Defaults to whatever the IDP `signaturesRequired` element value is.
requestBinding::
This is the SAML binding type used for communicating SAML requests to the IDP. This setting is _OPTIONAL_.
The default value is `POST`, but you can set it to REDIRECT as well.
responseBinding::
This is the SAML binding type used for communicating SAML responses to the IDP. The values of this can be `POST` or `REDIRECT`. This setting is _OPTIONAL_.
The default value is `POST`, but you can set it to `REDIRECT` as well.
postBindingUrl::
This is the URL for the IDP's logout service when using the POST binding. This setting is _REQUIRED_ if using the `POST` binding.
redirectBindingUrl::
This is the URL for the IDP's logout service when using the REDIRECT binding. This setting is _REQUIRED_ if using the REDIRECT binding.
Reference in a new issue View git blame Copy permalink