
SAML Client

SAML stands for Security Assertion Markup Language — it’s an open standard for single sign-on (SSO) that allows secure exchange of authentication and authorization data between an Identity Provider (IdP) and a Service Provider (SP).

Parameters for the element where n is a positive natural number:

  • ISSUER_n: URL; location of the OpenID Connect well-known file; e.g., https://www.acme.org/FederationMetadata/2007-06/FederationMetadata.xml.
  • CLIENT_ID_n: string; a public identifier for the application. Created during client registration on the server.
  • SAML_SIGNED_ASSERTION_n (optional) (SAML2 only): boolean, default false; signs interactions between the Identity Provider and the Service Provider (Relying Party).
  • SAML_BINDING_n (optional) (SAML2 only): SAML2 binding, default HTTP-Redirect; allowed values: HTTP-Redirect, HTTP-POST.

For HTTP-POST, add the callback endpoint (a built-in local service) with address 127.0.0.1, port 5555, SSL=false. The uriPath must be {context}/callback (proxyUrl=/callback only if {context} is not blank). You must also apply the same rule that applies to the service.

The entity descriptor is available at the path ./${n}/.well-known/saml2-entity-descriptor, where n is the button number.
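
One way to check what a published entity descriptor actually advertises (signing flags and assertion consumer endpoints) after setting the parameters above. This is an added example, not Identity Link code: the sample descriptor is constructed, the function name is hypothetical, and it assumes the descriptor is a standard SAML 2.0 SP metadata document; which attributes the product emits is not stated on this page.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
BINDING_PREFIX = "urn:oasis:names:tc:SAML:2.0:bindings:"

# Constructed sample; a real descriptor would be fetched from
# ./${n}/.well-known/saml2-entity-descriptor of your own deployment.
SAMPLE = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.test/1">
  <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://sp.example.test/app/callback"/>
  </SPSSODescriptor>
</EntityDescriptor>"""


def audit_descriptor(xml_text):
    """Return (summary, findings) for a SAML 2.0 SP entity descriptor."""
    # Metadata never needs a DTD; refuse it before handing text to the parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not allowed in metadata")
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("not a SAML 2.0 EntityDescriptor")
    sp = root.find(f"{{{MD}}}SPSSODescriptor")
    if sp is None:
        raise ValueError("no SPSSODescriptor element")
    # Both attributes are optional in the metadata schema and default to false.
    flag = lambda name: sp.get(name, "false").strip().lower() in ("true", "1")
    acs = [(e.get("Binding", "").removeprefix(BINDING_PREFIX), e.get("Location", ""))
           for e in sp.findall(f"{{{MD}}}AssertionConsumerService")]
    summary = {"entity_id": root.get("entityID"),
               "authn_requests_signed": flag("AuthnRequestsSigned"),
               "want_assertions_signed": flag("WantAssertionsSigned"),
               "acs": acs}
    findings = []
    if not summary["want_assertions_signed"]:
        findings.append("SP does not require signed assertions")
    if not summary["authn_requests_signed"]:
        findings.append("SP does not sign AuthnRequests")
    if not acs:
        findings.append("no AssertionConsumerService advertised")
    for binding, location in acs:
        if not location.lower().startswith("https://"):
            findings.append(f"{binding} ACS is not HTTPS: {location}")
    return summary, findings
```

Run it against the descriptor of each button number and compare the reported flags and endpoints with what the IdP side has registered for that client.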
