diff --git a/docs/simplesamlphp-sp-api.txt b/docs/simplesamlphp-sp-api.txt
index e73102bc84529700514aced3424eb53221d40411..fafc8d2ec2e6490dd72af325596e02e173b39442 100644
--- a/docs/simplesamlphp-sp-api.txt
+++ b/docs/simplesamlphp-sp-api.txt
@@ -40,7 +40,7 @@ Check whether the user is authenticated with this authentication source.
`requireAuth`
-------------
- void requireAuth(array $options = array())
+ void requireAuth(array $params = array())
Make sure that the user is authenticated.
This function will only return if the user is authenticated.
@@ -48,18 +48,9 @@ If the user isn't authenticated, this function will start the authentication pro
### Parameters
-`$options` is an associative array with named parameters for this function.
-The following named parameters are supported:
+`$params` is an associative array with named parameters for this function.
+See the documentation for the `login`-function for a description of the parameters.
-`KeepPost` (`bool`)
-
-: If set to `TRUE`, the current POST data will be submittet again after authentication.
- The default is `TRUE`.
-
-`ReturnTo` (`string`)
-
-: The URL the user should be returned to after authentication.
- The default is to return the user to the current page.
### Example 1
@@ -79,6 +70,43 @@ The following named parameters are supported:
print("Hello, authenticated user!");
+`login`
+-------------
+
+ void login(array $params = array())
+
+Start a login operation.
+This function will always start a new authentication process.
+
+### Parameters
+
+The following global parameters are supported:
+
+`ErrorURL` (`string`)
+
+: An URL to a page which will receive errors that may occur during authentication.
+
+`KeepPost` (`bool`)
+
+: If set to `TRUE`, the current POST data will be submitted again after authentication.
+ The default is `TRUE`.
+
+`ReturnTo` (`string`)
+
+: The URL the user should be returned to after authentication.
+ The default is to return the user to the current page.
+
+The [`saml:SP`](https://rnd.feide.no/content/saml-service-provider-configuration-reference) authentication source also defines some parameters.
+
+
+### Example
+
+ # Send a passive authentication request.
+ $auth->login(array(
+ 'saml:IsPassive' => TRUE,
+ 'ErrorURL' => 'https://.../error_handler.php',
+ ));
+
`logout`
--------
diff --git a/modules/saml/docs/sp.txt b/modules/saml/docs/sp.txt
index f89440bfd6ed6d5a45d1708b58203c29b8972ba9..72eb70136992a320cfa427bd823c9af7dfa50c96 100644
--- a/modules/saml/docs/sp.txt
+++ b/modules/saml/docs/sp.txt
@@ -9,11 +9,12 @@ Metadata
The metadata for your SP will be available from the federation page on your simpleSAMLphp installation.
-Options
+
+Parameters
-------
-These are options that can be used at runtime to control the authentication.
-All these options override the equivalent option from the configuration.
+These are parameters that can be used at runtime to control the authentication.
+All these parameters override the equivalent option from the configuration.
`saml:AuthnContextClassRef`
: The AuthnContextClassRef that will be sent in the login request.
@@ -27,10 +28,10 @@ All these options override the equivalent option from the configuration.
: *Note*: SAML 2 specific.
`saml:idp`
-: The entity ID this SP should connect to.
+: The entity ID of the IdP we should send an authentication request to.
`saml:IsPassive`
-: IsPassive allows you to enable passive authentication by default for this SP.
+: Send a passive authentication request.
: *Note*: SAML 2 specific.
@@ -82,10 +83,12 @@ Here we will list some examples for this authentication source.
),
-### Requesting passive authentication
+### Requesting a specific authentication method.
-$auth = new SimpleSAML_Auth_Simple('default-sp');
-$auth->login(array('saml:IsPassive' => TRUE));
+ $auth = new SimpleSAML_Auth_Simple('default-sp');
+ $auth->login(array(
+ 'saml:AuthnContextClassRef' => 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password',
+ ));
Options