Skip to main content

Parameters

See plugin common configurations for configuration options available to all plugins.

  • sp_issuer

    string

    required

    The unique identifier the service provider (SP) uses when communicating with the identity provider (IdP) in the SAML authentication process.

  • idp_uri

    string

    required

    The URL of the identity provider (IdP) where the service provider (SP) sends authentication requests to initiate the SAML authentication process.

  • idp_cert

    string

    required

    The X.509 certificate provided by the identity provider (IdP), used by the service provider (SP) to verify the authenticity and integrity of SAML assertions and responses.

  • login_callback_uri

    string

    required

    The endpoint on the service provider (SP) where the identity provider (IdP) will send the SAML response after a user successfully authenticates.

    The login callback URI should be a sub-path of the route URI. For example, if the route uri is /anything/*, the login callback URI can be /anything/login_callback.

  • logout_uri

    string

    required

    The URI path to trigger the SAML logout process.

    The logout URI should be a sub-path of the route URI. For example, if the route uri is /anything/*, the logout URI can be /anything/logout.

  • logout_callback_uri

    string

    required

    The endpoint on the service provider (SP) that receives the SAML logout response from the identity provider (IdP) after the logout process is completed.

    The logout callback URI should be a sub-path of the route URI. For example, if the route uri is /anything/*, the logout callback URI can be /anything/logout_callback.

  • logout_redirect_uri

    string

    required

    The URI where the user is redirected after the logout process is completed, usually back to the Service Provider’s (SP) application or a specified landing page.

    The logout callback URI should be a sub-path of the route URI. For example, if the route uri is /anything/*, the logout callback URI can be /anything/logout_ok.

  • sp_cert

    string

    required

    The X.509 certificate used by the service provider (SP) to sign SAML requests and assertions, ensuring secure communication with the identity provider (IdP).

  • sp_private_key

    string

    required

    The private key corresponding to the Service Provider’s (SP) certificate sp_cert, used to sign SAML requests and decrypt SAML assertions.

API7.ai Logo

API Management for Modern Architectures with Edge, API Gateway, Kubernetes, and Service Mesh.

Product

API7 Cloud
API7 Enterprise
API Portal
Roadmap

Open Source

Apache APISIX
K8s Ingress Controller
wasm-nginx-module
Contributor Graph

Resources

Blog
Documentation
NGINX + Lua
APISIX vs Kong
APISIX vs NGINX

Company

About
Contact
Compliance Standards
Partners
Terms & Privacy
SOC2 Type IIISO 27001HIPAAGDPRRed Herring

Copyright © APISEVEN Ltd. 2019 – 2024. Apache, Apache APISIX, APISIX, and associated open source project names are trademarks of the

Apache Software Foundation