25.67 SAML Provider

The SAML Provider configuration category includes the following configurable options:

  • Registration ID

  • Issuer ID

  • Web SSO URL

  • Keystore File

  • Keystore Password

  • Verification Certificate Alias

  • Sign Auth Request

  • Signing Key Alias

  • Signing Key Password

  • Relying Party Entity ID Template

25.67.1 Property: Registration ID

Property Name: Registration ID
Property Key:
Property Type: STRING
Description: An identifier intended to uniquely identify the registration between the Identity Provider and Smile CDR (the Service Provider). The default value of SMILECDR is typically fine, unless you are authenticating multiple instances of Smile CDR using SAML, and the different instances have different purposes/users/etc.
Default Value: SMILECDR
Example Property:
module.[MODULE_ID].config.relying_party.default.registration_id = SMILECDR

25.67.2 Property: Issuer ID

Property Name: Issuer ID
Property Key:
Property Type: STRING
Description: Contains the ID for the IDP (Identity Provider) that will be used to authenticate, and must match the value configured in that system. This is also sometimes called an Entity ID.
Default Value: (no default)
Example Property:
module.[MODULE_ID].config.relying_party.default.issuer_id = 

25.67.3 Property: Web SSO URL

Property Name: Web SSO URL
Property Key:
Property Type: STRING
Description: Specifies the URL that should be used as the destination for the initial redirect from the Service Provider to the Identity Provider.
Default Value: (no default)
Example Property:
module.[MODULE_ID].config.relying_party.default.web_sso_url = 

25.67.4 Property: Keystore File

Property Name: Keystore File
Property Key:
Property Type: Resource Path
Description: Specifies a Keystore to obtain keys and certificates for use in signing and verifying signatures in SAML assertions.
Default Value: (no default)
Example Property:
module.[MODULE_ID].config.relying_party.default.keystore.file = 

25.67.5 Property: Keystore Password

Property Name: Keystore Password
Property Key:
Property Type: PASSWORD
Description: The keystore password.
Default Value: (no default)
Example Property:
module.[MODULE_ID].config.relying_party.default.keystore.password = 

25.67.6 Property: Verification Certificate Alias

Property Name: Verification Certificate Alias
Property Key:
Property Type: STRING
Description: Specifies the alias in the keystore for the certificate to use to verify the SAML response signature.
Default Value: (no default)
Example Property:
module.[MODULE_ID].config.relying_party.default.verification_cert_alias = 

25.67.7 Property: Sign Auth Request

Property Name: Sign Auth Request
Property Key:
Property Type: BOOLEAN
Description: Should the SAML Authentication Request be signed?
Default Value: true
Example Property:
module.[MODULE_ID].config.relying_party.default.sign_auth_request = true

25.67.8 Property: Signing Key Alias

Property Name: Signing Key Alias
Property Key:
Property Type: STRING
Description: Specifies the alias within the keystore for the key that will be used to sign the Authentication Request.
Default Value: (no default)
Example Property:
module.[MODULE_ID].config.relying_party.default.signing_key_alias = 

25.67.9 Property: Signing Key Password

Property Name: Signing Key Password
Property Key:
Property Type: PASSWORD
Description: The password for the key used for signing.
Default Value: (no default)
Example Property:
module.[MODULE_ID].config.relying_party.default.signing_key_password = 

25.67.10 Property: Relying Party Entity ID Template

Property Name: Relying Party Entity ID Template
Property Key:
Property Type: STRING
Description: This setting controls the Entity ID that will be assigned to the SAML Relying Party (i.e. the Smile CDR web application being authenticated). See Entity ID Template for more information.
Default Value: {baseUrl}/saml2/service-provider-metadata/{registrationId}
Example Property:
module.[MODULE_ID].config.relying_party.default.entity_id_template = {baseUrl}/saml2/service-provider-metadata/{registrationId}
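
The properties above depend on one another: verifying the SAML response needs a keystore and a verification alias, and the default Sign Auth Request = true needs a signing key alias. The following pre-deployment lint is an added example, not Smile CDR code. The module id saml_in, the URLs, the keystore path, the aliases, the https check, and treating a blank value as "use the default" are all assumptions of this sketch.

```python
PREFIX = "module.{module_id}.config.relying_party.default."
DEFAULTS = {  # default values as listed on this page
    "registration_id": "SMILECDR",
    "sign_auth_request": "true",
    "entity_id_template": "{baseUrl}/saml2/service-provider-metadata/{registrationId}",
}

# Constructed sample; module id, URLs, keystore path and aliases are made up.
SAMPLE = """
module.saml_in.config.relying_party.default.issuer_id = https://idp.example.com/metadata
module.saml_in.config.relying_party.default.web_sso_url = http://idp.example.com/sso
module.saml_in.config.relying_party.default.keystore.file = classpath:/saml-keystore.p12
module.saml_in.config.relying_party.default.verification_cert_alias = idp-signing
module.saml_in.config.relying_party.default.signing_key_alias =
"""

def load_saml_settings(text, module_id):
    """Collect one module's relying_party.default.* keys; blank values keep the default."""
    prefix = PREFIX.format(module_id=module_id)
    settings = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.startswith(prefix) and value:
            settings[key[len(prefix):]] = value
    return settings

def lint(settings):
    """Return findings; an empty list means every check passed."""
    findings = [f"{k} is not set (no default)" for k in ("issuer_id", "web_sso_url") if k not in settings]
    # Hardening check added here, not a requirement stated on the page.
    if not settings.get("web_sso_url", "https://").lower().startswith("https://"):
        findings.append("web_sso_url does not use https")
    if not {"keystore.file", "verification_cert_alias"} <= settings.keys():
        findings.append("verifying the SAML response needs keystore.file and verification_cert_alias")
    if settings["sign_auth_request"].lower() == "true":  # default is true
        missing = [k for k in ("keystore.file", "signing_key_alias") if k not in settings]
        if missing:
            findings.append("sign_auth_request is true but not set: " + ", ".join(missing))
    return findings

def entity_id(settings, base_url):
    """Expand the Entity ID template; base_url stands in for {baseUrl} (assumption)."""
    template = settings["entity_id_template"]
    return template.replace("{baseUrl}", base_url.rstrip("/")).replace("{registrationId}", settings["registration_id"])
if __name__ == "__main__":
    print(lint(load_saml_settings(SAMPLE, "saml_in")))
```

The value returned by entity_id is what the Identity Provider would need to have registered as the Service Provider's Entity ID, given the base URL you pass in.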