Skip to main content
Skip table of contents

Configuration Manager - IDP

The function that allowed the ILS to act as an IDP for other applications.

Description

Setting

What does the setting do?

Access token expiry time

Time to live in seconds from the access token generation.

Use secure cookies

Using secure cookies should only be disabled in testing environment.

Cookie path

Keystore path

Keystore with private key for signing SAMLResponse.

Keystore password

Password for keystore with private key for signing SAMLResponse.

Providers

Several providers can be configured. Per provider the following settings are available:

Setting

What does the setting do?

Entity ID* (100 characters max.)

The entity id identifying the Service Provider.

Assertion Consumer Service URL* (200 characters max.)

The assertion consumer service location URL pointing to the service provider.

Binding

The binding used to send the SAMLResponse. Valid values are HTTP-GET and HTTP-POST. When nothing is given, HTTP-GET is used.

Certificate keystore alias (100 characters max.)

The alias from the keystore that contains the certificate that can be used to validate the Authentication Request. If the attribute is not filled, the entity id attribute will be used as alias.

Signed authentication request

If this is active, before the BASE64 Encoding, the SAMLResponse will be deflate.

Signed authentication request

The flag tells the IdP if a SP sends the Authentication Request Signed. If the flag is true, the IdP will try to validate the request with the SP Public Certificate added in the keystore.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.