Used when there are multiple authentication possibilities.  The dispatcher will,  based on incoming data, select the appropriate route the user to the correct authentication. 


Name Description Default value Mandatory
idpID The internal identifier of the idp used N/A Yes
mapping An array of mapping rules used to determine which authenticator should handle the incoming request. Matching rules contains of java script expressions. N/A Yes

Example Configuration

    "alias": "samldispatch",
    "name": "Dispatch",
    "configuration": {
        "idpID": "idp",
        "mapping": [{
                "expression": "!request.getParameter('remoteAddress').startsWith('192.168.1')",
                "authenticator": "auth1"
                "expression": "request.getParameter('remoteAddress').startsWith('192.168.1')",
                "authenticator": "auth2"


One or more SAML authenticator configured.