Skip to content
Architecture > Authentication

SAML

  • saml.identity.provider.url: the url of the identity provider
  • saml.service.provider.url: the full url of the service provider (this ami instance's url as known by the identity provider)
  • saml.entityid: The issuer id provided in the saml request
  • saml.relay.state: Optional, adds the RelayState param to the request
  • saml.plugin.class: The class that implements the com.f1.ami.web.AmiWebSamlPlugin interface. For non-customized versions use com.f1.ami.plugins.amisaml.AmiWebSamlPluginImpl
  • saml.username.field: The field of the response to extract username from
  • saml.identity.provider.cert.file: The file containing the certificate
  • saml.identity.provider.clock.skew.ms: Amount of time (in milliseconds) that Identity provider timestamp and service provider timestamp can drift
  • saml.identity.provider.lifetime.ms: Expiry time of IDP request (in milliseconds)
  • saml.debug: set to true to show verbose logging on saml related information