Setting | Purpose | Mandatory? | Typical |
---|
saml2.compress.request
| Should the SP compress the SAML2Request XML? | NO - defaults to true | true |
saml2.compress.response
| If the SP sends a SAMLResponse, should it compress the XML? | NO - defaults to true | true |
saml2.security.authnrequest_signed
| Will the SP digitally sign its AuthnRequest inside the SAMLRequest? | YES | true |
saml2.security.want_messages_signed
| Does the SP want the IdP to digitally sign its SAML messages? | YES | true |
saml2.security.want_assertions_signed
| Does the SP want the IdP to digitally sign its SAML assertions? | YES | false |
saml2.security.want_xml_validation
| Should the SP validate all outbound and incoming SAML XML? | YES | true |
saml2.security.signature_algorithm
| The W3 URI for an XML Signature Algorithm | YES | "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" |
saml2.security.requested_authncontext
| The requested AuthnContext the SP wants from the IdP | YES | “exact” |