Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • cesnet_simplesamlphp-1.19.8
  • elixir_simplesamlphp-1.19.8
  • simplesamlphp-1.19.8
  • cesnet_simplesamlphp-1.19.5
  • simplesamlphp-2.0
  • feature/assets
  • feature/rac-source-selector
  • cleanup/remove-base64-attributes
  • simplesamlphp-1.19
  • elixir_simplesamlphp-1.19.5
  • aarc_idp_hinting
  • feature/validate-authstate-before-processing
  • feature/build-two-tarballs
  • dependabot/composer/twig/twig-3.4.3
  • tvdijen-patch-1
  • unchanged-acs-url-no-www-script
  • feature/translation-improvements
  • symfony6
  • move_tests
  • v1.19.9
  • v2.1.3
  • v2.0.10
  • v2.1.2
  • v2.0.9
  • v2.1.1
  • v2.0.8
  • v2.1.0
  • v2.0.7
  • v2.1.0-rc1
  • v2.0.6
  • v2.0.5
  • 2.0.4-alpha.1
  • v2.0.4-alpha.1
  • v2.0.4
  • v2.0.3
  • v2.0.2
  • v2.0.1-alpha.1
  • v2.0.1
  • v1.19.8
40 results
Blame History Permalink
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
simplesamlphp-metadata-endpoints.md 2.03 KiB

Metadata endpoints

This document gives a short introduction to the various methods forms metadata endpoints can take in SimpleSAMLphp.

The endpoints we have are:

Endpoint Indexed Default binding
ArtifactResolutionService Y SOAP
AssertionConsumerService Y HTTP-POST
SingleLogoutService N HTTP-Redirect
SingleSignOnService N HTTP-Redirect

The various endpoints can be specified in three different ways:

  • A single string.
  • Array of strings.
  • Array of arrays.

A single string

'AssertionConsumerService' => 'https://sp.example.org/ACS',

This is the simplest endpoint format. It can be used when there is only a single endpoint that uses the default binding.

Array of strings

'AssertionConsumerService' => [
    'https://site1.example.org/ACS',
    'https://site2.example.org/ACS',
],

This endpoint format can be used to represent multiple endpoints, all of which use the default binding.

Array of arrays

'AssertionConsumerService' => [
    [
        'index' => 1,
        'isDefault' => TRUE,
        'Location' => 'https://sp.example.org/ACS',
        'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
    ],
    [
        'index' => 2,
        'Location' => 'https://sp.example.org/ACS',
        'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
    ],
],

This endpoint format allows for specifying multiple endpoints with different bindings. It can also be used to specify the ResponseLocation attribute on endpoints, e.g. on SingleLogoutService:

'SingleLogoutService' => [
    [
        'Location' => 'https://sp.example.org/LogoutRequest',
        'ResponseLocation' => 'https://sp.example.org/LogoutResponse',
        'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
    ],
],