oauth_saml_bearer_grant.rdoc

doc/oauth_saml_bearer_grant.rdoc
Last Update: 2023-01-10 23:21:31 +0000

Documentation for OAuth SAML Bearer Grant feature

The oauth_saml_bearer_grant feature implements the OAuth 2.0 SAML Profile for Client Authentication and Authorization Grants.

datatracker.ietf.org/doc/html/rfc7522

Auth Value Methods

oauth_saml_cert

SAML Identity Provider certificate

oauth_saml_cert_fingerprint

SAML Identity Provider certificate fingerprint

oauth_saml_cert_fingerprint_algorithm

SAML Identity Provider certificate fingerprint algorithm (nil by default).

oauth_saml_name_identifier_format

SAML Identity Provider name ID format.

oauth_saml_security_authn_requests_signed

Enable signature on AuthNRequest (false by default).

oauth_saml_security_metadata_signed

Enable signature on Metadata (false by default).

oauth_saml_security_digest_method

Service Provider signature method ("http://www.w3.org/2000/09/xmldsig#sha1" by default)

oauth_saml_security_signature_method

Service Provider digest method ("http://www.w3.org/2000/09/xmldsig#rsa-sha1" by default)

require_oauth_application_from_saml2_bearer_assertion_issuer

loads the oauth application from the SAML assertion issuer (client authorization).

require_oauth_application_from_saml2_bearer_assertion_subject

loads the oauth application from the SAML assertion subject (client authentication).

account_from_saml2_bearer_assertion

loads the user account from the SAML assertion.