Older version2.7 AuthenticatorsSAMLHeaderBasedCertificateSAML

HeaderBasedCertificateSAML

Used when authentication is based on a X509 certificate. 

Properties

Name Description Default value Mandatory
idpID The iternal identifier of the idp used N/A Yes
pipeID Id of the pipe used to issue the SAML assertion N/A Yes
certificateheader In which parameter will the certificate be in N/A Yes
samlAuthMethod What value is set in the AuthnContextClassRef urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient No
certificateExtractionUrl If data is missing in the request, where to send the client for certificate extraction. N/A No

Example Configuration

{
    "alias": "certificatesaml",
    "name": "HeaderBasedCertificateSAML",
    "configuration": {
        "idpID": "idp",
        "pipeID":"tokenPipe",
        "certificateheader":"myheader"
}

Requirements

Some kind of web front handling certificate extraction and populating the data.