SAML Metadata configuration
This guide describes how to configure your {$provider-id}.json file for SAML.
Set your type property to saml.
Authentication properties
The following properties can be set in the authenticationProperties object of your metadata file.
| Property | Type | Required | Description | Example value |
|---|---|---|---|---|
| identityProviderMetadata | string | true | Path or URL to the Identity Provider metadata file. This defines IdP endpoints and certificates. | file:///C:/SAML/idp-metadata.xml |
| serviceProviderMetadata | string | true | Path to the Service Provider metadata file. This defines SP entity ID, ACS URL and other SP information. | file:///C:/SAML/sp-metadata.xml |
| keyManager.storeType | string | false | Type of key store. Default is JKS. | PKCS12,JKS |
| keyManager.storeFile | string | required if keyManager is defined | Path to the keystore file used for signing / encryption. | C:/SAML/keystore.jks |
| keyManager.defaultKey | string | required if keyManager is defined | Alias of the default key used from the keystore. | sp-key |
| keyManager.storePassword | string | required if keyManager is defined | Password to access the keystore. | sp-pass |
| alias.enabled | boolean | false | Enables SP aliasing (for multi-tenant or custom endpoint setups). Default is false. | true |
| alias.url | string | required if alias.enabled = true | URL for the alias endpoint. | https://myapp.example.com/saml |
| userNameAttribute | string | false | User identification attribute. Default value is principal. | principal |
Full example of using SAML as a provider
```json
{
  "type": "saml",
  "authenticationProperties": {
    "identityProviderMetadata": "file:///C:/SAML/idp-metadata.xml",
    "serviceProviderMetadata": "file:///C:/SAML/sp-metadata.xml",
    "keyManager": {
      "storeType": "PKCS12",
      "storeFile": "C:/SAML/keystore.p12",
      "defaultKey": "sp-key",
      "storePassword": "sp-pass"
    },
    "alias": {
      "enabled": true,
      "url": "https://myapp.example.com/saml"
    },
    "userNameAttribute": "principal"
  }
}
```
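The conditional requirements in the table (the keyManager.* properties once keyManager is defined, alias.url once alias.enabled is true) can be checked before a file is deployed. The Python script below is an added example, not part of the product; the function name, the sample host name and the two warnings (clear-text store password, IdP metadata fetched over plain HTTP) are assumptions layered on top of the table's rules.

```python
from urllib.parse import urlparse

# Rules transcribed from the property table on this page.
REQUIRED = ("identityProviderMetadata", "serviceProviderMetadata")
KEY_MANAGER_REQUIRED = ("storeFile", "defaultKey", "storePassword")
LISTED_STORE_TYPES = ("JKS", "PKCS12")


def validate_provider(config):
    """Return (errors, warnings) for a parsed {$provider-id}.json document."""
    errors, warnings = [], []
    if config.get("type") != "saml":
        errors.append("type must be saml")
    props = config.get("authenticationProperties") or {}
    for name in REQUIRED:
        if not props.get(name):
            errors.append(f"{name} is required")
    km = props.get("keyManager")
    if km is not None:
        for name in KEY_MANAGER_REQUIRED:
            if not km.get(name):
                errors.append(f"keyManager.{name} is required")
        if km.get("storeType", "JKS") not in LISTED_STORE_TYPES:
            warnings.append("keyManager.storeType is not a value listed in the table")
        if km.get("storePassword"):
            warnings.append("keyManager.storePassword is clear text; restrict read access to this file")
    alias = props.get("alias") or {}
    if alias.get("enabled") is True and not alias.get("url"):
        errors.append("alias.url is required")
    # IdP metadata carries the certificates used to verify assertions, so a
    # plain-HTTP source can be altered in transit (added check, an assumption).
    if urlparse(props.get("identityProviderMetadata") or "").scheme == "http":
        warnings.append("identityProviderMetadata is fetched over plain HTTP")
    return errors, warnings


# Constructed sample input (hypothetical host name), not a file from the product.
SAMPLE = {"type": "saml", "authenticationProperties": {
    "identityProviderMetadata": "http://idp.example.com/metadata.xml",
    "serviceProviderMetadata": "file:///C:/SAML/sp-metadata.xml",
    "keyManager": {"storeType": "PKCS12", "storeFile": "C:/SAML/keystore.p12", "storePassword": "sp-pass"},
    "alias": {"enabled": True}}}

if __name__ == "__main__":
    errors, warnings = validate_provider(SAMPLE)
    print("\n".join([f"ERROR: {e}" for e in errors] + [f"WARNING: {w}" for w in warnings]))
```

To check a real file, load it with `json.load` and pass the resulting dict to `validate_provider`.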