Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Certificates - allows you to add a second certificate. Used when you need to change a server certificate on AD and want to minimise downtime for your users.

Advanced - Allows you to make several changes that are rarely necessary:

  • switch between SAML versions should you

...

  • have a source that can only handle the older SAML 1 profile
  • switch the profile from Redirect to Post if your source insists on it
  • enable signing of authentication requests (SHA-1 or SHA-256)

...

  • if your source requires it 
  • enable the SAML forceAuthn option (forces your local source to re-authenticate any time the user is sent there - e.g. where users can have multiple affiliations within a consortium and your SAML source's session management makes it difficult for them to change).

Anything to watch out for?

...