IdpDiscovery

Includes a subset of of the SAML Discovery protocol. Primary usage is for internal SAML authenticators. 

Properties

Name Description Default value Mandatory
allowLanguageChange Meant for the rendering template. should language change be allowed/visible true No
templateTitle Meant for the rendering template. Use to override the default title. This parameter is localized idpdiscovery.messages.information.title No
templateBody Meant for the rendering template. Use to override the default body. This parameter is localized idpdiscovery.messages.information.body No
template Template presenting the ui to the user idpdiscovery No
idpList List of IDP's to be shown. N/A Yes
spList List of SP's allowed to query the service. The id configured must be presnet in the "AUTHENTICATORS" and be represented by either SAMLServiceProviderAuthN or SAMLSPBroker. N/A Yes

idpList configuration

Configuring the possible idp listoption has a complex structure , it's a JSON Object. Example is a carve out of how one entry is configured and description of the keys and values.


Name Description Default value Mandatory
internalID Internal id of the IDP. This is alomst always the same valueaas the entityID. N/A Yes
image URI to image where image is located N/A No
icon CSS icon class instead of image N/A No
sortorder Selection sort order N/A No
displayName Friendly display name Name of the authenticator No

Example Configuration 

{
    "alias" : "disco",
    "name" : "IdpDiscovery",
    "id" : "disco",
    "configuration" : {
      "templateTitle" : "Custom Title,
      "allowLanguageChange" : "true",
      "spList" : [ "myapps", "mapps2" ],
      "idpList" : [ {
        "internalID" : "auth2",
        "displayName" : "This is the display name",
        "sortOrder" : "10"
      }, {
        "internalID" : "auth1",
        "displayName" : "This is the display 2"
      } ]
    }
  }
Click to copy

Requirements

  • SAML module deployed
  • User selection is returned in the selectedIDP paramater.
  • SAML sp return URL is taken from the store NOT from the return parameter in the request.