diff --git a/docs/simplesamlphp-reference-sp-remote.md b/docs/simplesamlphp-reference-sp-remote.md index ac44c1b2a0b02e71a9592f70516d74d69d8f868c..3fd3db80814b0d14e170843f584c081285bb3704 100644 --- a/docs/simplesamlphp-reference-sp-remote.md +++ b/docs/simplesamlphp-reference-sp-remote.md @@ -359,13 +359,9 @@ Only relevant if you are a proxy/bridge and wants to limit the idps this sp can use. `IDPList` -: The list of scoped idps ie. the list of entityids for idps that are -relevant for this sp. The final list is the concatenation of the list -given as parameter to InitSSO (at the sp), the list configured at the -sp and the list configured at the ipd (here) for this sp. The intersection -of the final list and the idps configured at the at this idp will be -presented to the user at the discovery service if neccessary. If only one -idp is in the intersection the discoveryservice will go directly to the idp. +: The list of scoped IdPs, i.e. the list of entityids for IdPs that are +relevant for this SP. It will override any list set in the IdP's +metadata. **Example: Configuration for scoping** diff --git a/modules/saml/docs/sp.md b/modules/saml/docs/sp.md index 8d21c409f2617f5d071a2abae274280549278cb3..26f6c8b1270ae8fb23bce2048c338c2941c0e6be 100644 --- a/modules/saml/docs/sp.md +++ b/modules/saml/docs/sp.md @@ -48,6 +48,9 @@ All these parameters override the equivalent option from the configuration. `isPassive` : Send a passive authentication request. +`IDPList` +: List of IdP entity ids that should be sent in the AuthnRequest to the IdP in the IDPList element, part of the + Scoping element. `saml:Extensions` : The samlp:Extensions (an XML chunk) that will be sent in the login request.