SAMLHeadlessSSO
SSO authenticator creating assertion based on current session.
Properties
| Name | Description | Default value | Mandatory |
|---|---|---|---|
| idpID | ID of IdP configuration to use | YES | |
| pipeID |
ID of pipe creating assertion | YES | |
| authURL |
URL to redirect to if no session exist. |
YES |
Example Configuration
// AUTHENTICATORS
{
"id": "auth_sso_01",
"alias": "sso",
"name": "SAMLHeadlessSSO",
"displayName": "SSO",
"configuration": {
"idpID": "c133328c-0823-4368-9045-9a0a8ddc52c",
"pipeID": "auth_sso_pipe",
"authURL": "https://host/saml/authenticate/idp"
}
}
// PIPES
{
"id" : "auth_sso_pipe",
"description" : "Pipe for SAML SSO",
"name" : "Pipe for SAML SSO",
"enabled" : "true",
"config" : { },
"valves" : [ {
"name": "SessionLoadValve",
"config" : {
"id" : "{{request.session_id}}",
"require_session" : "true",
"require_auth_session" : "false"
}
}, {
"name" : "ItemCreateValve",
"config" : {
"dest_id" : "{{session.user_id}}"
}
}, {
"name" : "PropertyAddValve",
"config" : {
"name" : "uid",
"value" : "{{session.user_id}}"
}
}, {
"name" : "PropertyAddValve",
"config" : {
"name" : "mail",
"value" : "{{session.mail}}"
}
}, {
"name" : "AssertionProvider",
"enabled" : "true",
"config" : {
"targetEntityID" : "c133328c-0823-4368-9045-9a0a8ddc52c",
"nameIDAttribute" : "uid",
"additionalAttributes" : "mail"
}
} ]
}
Click to copy