From c84660c3ba831eba9b8d57fa6b67feca944fb308 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez?= <jaime.perez@uninett.no>
Date: Tue, 15 Nov 2016 11:37:17 +0100
Subject: [PATCH] =?UTF-8?q?Document=20the=20=E2=80=9Cscope=E2=80=9D=20conf?=
 =?UTF-8?q?iguration=20option=20for=20remote=20SAML=20IdP=20metadata.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docs/simplesamlphp-reference-idp-remote.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/docs/simplesamlphp-reference-idp-remote.md b/docs/simplesamlphp-reference-idp-remote.md
index a8520d474..89526fdfd 100644
--- a/docs/simplesamlphp-reference-idp-remote.md
+++ b/docs/simplesamlphp-reference-idp-remote.md
@@ -85,6 +85,14 @@ The following options are common between both the SAML 2.0 protocol and Shibbole
             'no' => 'En tjeneste',
         ),
 
+`scope`
+:   An array with scopes valid for this IdP.
+    The IdP will send scopes in scoped attributes, that is, attributes containing a value with an `@` sign and a domain name
+    after it.
+
+:   When the `saml:FilterScopes` authentication processing filter is used, this list of scopes will determine the valid
+    scopes for attributes.
+
 `SingleSignOnService`
 :   Endpoint URL for sign on. You should obtain this from the IdP. For SAML 2.0, SimpleSAMLphp will use the HTTP-Redirect binding when contacting this endpoint.
 
-- 
GitLab