Skip to content
Snippets Groups Projects
Commit c48992be authored by Ben Bodenmiller's avatar Ben Bodenmiller Committed by Achilleas Pipinellis
Browse files

add SHA1 fingerprint requirement

parent 545d52ce
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 2 deletions
doc/integration/saml.md
+ 4
2
View file @ c48992be
@@ -102,9 +102,10 @@ in your SAML IdP:
installation to generate the correct value).
 
1. Change the values of `idp_cert_fingerprint`, `idp_sso_target_url`,
`name_identifier_format` to match your IdP. Check
`name_identifier_format` to match your IdP. If a fingerprint is used it must
be a SHA1 fingerprint; check
[the omniauth-saml documentation](https://github.com/omniauth/omniauth-saml)
for details on these options.
for more details on these options.
 
1. Change the value of `issuer` to a unique name, which will identify the application
to the IdP.
@@ -311,6 +312,7 @@ need to be validated using a fingerprint, a certificate or a validator.
 
For this you need take the following into account:
 
- If a fingerprint is used, it must be the SHA1 fingerprint
- If no certificate is provided in the settings, a fingerprint or fingerprint
validator needs to be provided and the response from the server must contain
a certificate (`<ds:KeyInfo><ds:X509Data><ds:X509Certificate>`)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment