SAML Provider
The SAML Provider configuration category includes the following configurable options:
Registration ID
Issuer ID
Web SSO URL
Keystore File
Keystore Password
Verification Certificate Alias
Sign Auth Request
Signing Key Alias
Signing Key Password
Relying Party Entity ID Template
|
Registration ID |
|
|
STRING | |
An identifier intended to uniquely identify the registration between the Identity Provider and Smile CDR (the Service Provider). The default value of SMILECDR is typically fine, unless you are authenticating multiple instances of Smile CDR using SAML, and the different instances have different purposes/users/etc.
|
|
SMILECDR
|
|
|
|
Issuer ID |
|
|
STRING | |
Contains the ID for the IDP (Identity Provider) that will be used to authenticate, and must match the value configured in that system. This is also sometimes called an Entity ID. | |
(no default) | |
|
|
Web SSO URL |
|
|
STRING | |
Specifies the URL that should be used as the destination for the initial redirect from the Service Provider to the Identity Provider. | |
(no default) | |
|
|
Keystore File |
|
|
Resource Path | |
Specifies a Keystore to obtain keys and certificates for use in signing and verifying signatures in SAML assertions. | |
(no default) | |
|
|
Keystore Password |
|
|
PASSWORD | |
The keystore password | |
(no default) | |
|
|
Verification Certificate Alias |
|
|
STRING | |
Specifies the alias in the keystore for the certificate to use to verify the SAML response signature. | |
(no default) | |
|
|
Sign Auth Request |
|
|
BOOLEAN | |
Should the SAML Authentication Request be signed? | |
true
|
|
|
|
Signing Key Alias |
|
|
STRING | |
Specifies the alias within the keystore for the key that will be used to sign the Authentication Request. | |
(no default) | |
|
|
Signing Key Password |
|
|
PASSWORD | |
The password for the key used for signing. | |
(no default) | |
|
|
Relying Party Entity ID Template |
|
|
STRING | |
This setting controls the Entity ID that will be assigned to the SAML Relying Party (i.e. the Smile CDR web application being authenticated). See Entity ID Template for more information. | |
{baseUrl}/saml2/service-provider-metadata/{registrationId}
|
|
|