From 9ae22119fb76a89c3129e978df8a31ae4480c2ac Mon Sep 17 00:00:00 2001 From: Thijs Kinkhorst <thijs@kinkhorst.com> Date: Mon, 13 Jun 2022 10:16:46 +0000 Subject: [PATCH] Update IDPList docs for recent improvements --- docs/simplesamlphp-reference-sp-remote.md | 10 +++------- modules/saml/docs/sp.md | 3 +++ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/docs/simplesamlphp-reference-sp-remote.md b/docs/simplesamlphp-reference-sp-remote.md index ac44c1b2a..3fd3db808 100644 --- a/docs/simplesamlphp-reference-sp-remote.md +++ b/docs/simplesamlphp-reference-sp-remote.md @@ -359,13 +359,9 @@ Only relevant if you are a proxy/bridge and wants to limit the idps this sp can use. `IDPList` -: The list of scoped idps ie. the list of entityids for idps that are -relevant for this sp. The final list is the concatenation of the list -given as parameter to InitSSO (at the sp), the list configured at the -sp and the list configured at the ipd (here) for this sp. The intersection -of the final list and the idps configured at the at this idp will be -presented to the user at the discovery service if neccessary. If only one -idp is in the intersection the discoveryservice will go directly to the idp. +: The list of scoped IdPs, i.e. the list of entityids for IdPs that are +relevant for this SP. It will override any list set in the IdP's +metadata. **Example: Configuration for scoping** diff --git a/modules/saml/docs/sp.md b/modules/saml/docs/sp.md index 8d21c409f..26f6c8b12 100644 --- a/modules/saml/docs/sp.md +++ b/modules/saml/docs/sp.md @@ -48,6 +48,9 @@ All these parameters override the equivalent option from the configuration. `isPassive` : Send a passive authentication request. +`IDPList` +: List of IdP entity ids that should be sent in the AuthnRequest to the IdP in the IDPList element, part of the + Scoping element. `saml:Extensions` : The samlp:Extensions (an XML chunk) that will be sent in the login request. -- GitLab