# use auth-saml,ec when using Exchange/O365/GCal push-sync = auth-saml

# SAML keystore information
saml.keystore = file:/location/to/keystore.jks
saml.keyname = samlKey
saml.keypass = keypass
# Our own entity ID and URL
# You can use any entity ID, we usually set it to be the same as the URL
saml.entity_id =
saml.entity_baseurl = https://our.entity.base_url
# IDP metadata URL and entity ID
saml.idp_url = https://idp/metadata/url
saml.idp_entity_id =
# Attribute containing the username to use - value has to be unique since it is used in our data store for storing user data
# Specify @null to use the NameID
# This username is also used when connecting to external systems (e.g., connecting to Blackboard to retrieve timetables)
# Default to the eduPersonPrincipalName
saml.attribute.username = urn:mace:dir:attribute-def:eduPersonPrincipalName

# OPTIONAL: attribute to use as display name in the user interface, if not specified the username will be shown
#saml.attribute.displayName = urn:mace:dir:attribute-def:eduPersonPrincipalName

# OPTIONAL: maximum age of the authentication tocal
#saml.max_authentication_age = 43200

# OPTIONAL: set to true to force asking the user for username/password (disable SSO)
#saml.forceauthn = false

# OPTIONAL: set to false to support and initiate SAML Single Logout (SLO)
#saml.local_logout_only = true

# OPTIONAL: Signature to use for SAML metadata and signatures
# Possible values: sha1, sha256, sha384, sha512 (default = sha1sha256, recommended = sha256)
#saml.signature_algorithm = sha1sha256

# OPTIONAL: set to true to redirect the user to your own logout page, and specify the URL of the logout page
#LogoutUrl.AlwaysUseTarget = false
#LogoutUrl.Target = /
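Review bot: The comment above `saml.signature_algorithm` gives the default as `sha1sha256`, which is not one of the four listed values and reads like the old and new default fused together by the version comparison, so a reader cannot tell whether an untouched install signs with SHA-1. I would state the default for the documented release unambiguously and show the sample with the recommended value active, `saml.signature_algorithm = sha256`, since SHA-1 is no longer considered collision-resistant and some identity providers refuse SHA-1-signed requests and metadata. `saml.keypass` sits in clear text next to the keystore path, so a line such as `# keep this file and the keystore readable only by the service account` belongs above it. The first line has the same fused look: `... push-sync = auth-saml` is entirely inside a comment, which leaves no active setting selecting SAML authentication. The `saml.max_authentication_age` comment should read "authentication token" and name the unit of `43200`.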