saml2_backend.yaml.example
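# SATOSA backend plugin: the SAML2 service provider (SP) that the proxy presents
# to upstream identity providers (IdPs).
# NOTE(review): the nesting below was rebuilt from the meaning of the keys,
# because the listing had lost its indentation. Compare with the upstream
# example before deploying.
module: satosa.backends.saml2.SAMLBackend
name: Saml2
config:
  # JSON file naming IdPs that this backend must refuse.
  # presumably a list of entity IDs; verify against the backend's loader
  idp_blacklist_file: /path/to/blacklist.json
  sp_config:
    # SP private key and certificate. These are relative paths, so they resolve
    # against the process working directory. Keep the key file readable only by
    # the account that runs the proxy, and keep it out of version control.
    key_file: backend.key
    cert_file: backend.crt
    organization:
      display_name: Example Identities
      name: Example Identities Org.
      url: 'http://www.example.com'
    contact_person:
      # The addresses were obscured in this listing. They are quoted here so the
      # file still parses; replace them with real contact addresses.
      - contact_type: technical
        email_address: '[email protected]'
        given_name: Technical
      - contact_type: support
        email_address: '[email protected]'
        given_name: Support

    # IdP metadata is the trust anchor: signatures on incoming responses are
    # checked against the certificates it lists. Load it only from a source you
    # control, and review changes to it.
    metadata:
      local: [idp.xml]

    entityid: <base_url>/<name>/proxy_saml2_backend.xml
    # Clock skew tolerated when validating timestamps, in seconds. Keep it small,
    # because a larger value widens the window in which a captured response is
    # still accepted.
    accepted_time_diff: 60
    service:
      sp:
        ui_info:
          display_name:
            - lang: en
              text: "SP Display Name"
          description:
            - lang: en
              text: "SP Description"
          information_url:
            - lang: en
              text: "http://sp.information.url/"
          privacy_statement_url:
            - lang: en
              text: "http://sp.privacy.url/"
          keywords:
            - lang: se
              text: ["Satosa", "SP-SE"]
            - lang: en
              text: ["Satosa", "SP-EN"]
          logo:
            text: "http://sp.logo.url/"
            width: "100"
            height: "100"
        # Sign outgoing AuthnRequests and require a signature on the response.
        # NOTE(review): want_response_signed covers the response envelope;
        # consider also setting want_assertions_signed if your IdPs sign
        # assertions.
        authn_requests_signed: true
        want_response_signed: true
        # Accepts responses that match no outstanding AuthnRequest
        # (IdP-initiated SSO), so request/response correlation is not enforced.
        # NOTE(review): confirm the deployment needs this before keeping it true.
        allow_unsolicited: true
        endpoints:
          assertion_consumer_service:
            - [<base_url>/<name>/acs/post, 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST']
            - [<base_url>/<name>/acs/redirect, 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect']
          discovery_response:
            - [<base_url>/<name>/disco, 'urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol']
        name_id_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
  # disco_srv must be defined if there is more than one IdP in the metadata specified above
  # The discovery service decides which IdP the user is sent to, so use an
  # https:// URL in a real deployment.
  disco_srv: http://disco.example.com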