Differences

This shows you the differences between two versions of the page.

--- 72:integration:saml [2019/06/12 08:42] – [Lessons Learned] sngr
+++ 72:integration:saml [2019/08/28 11:59] – emr
@@ Line 41: / Line 41: @@
                         providerId="<yourStagesURL>"
                         signatureKeyAlias="samlkeyalias"
-     >
+    >
         </service-provider>
@@ Line 76: / Line 76: @@
                         nameIdPolicyFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
                         userFullnameTemplate="%firstname% %lastname%"
-              >
+             >
             <!-- hardcoded magic value that specifies the NameID from the SAML reply -->
             <identity-provider-attribute name="username" id="http://schemas.stages.methodpark.com/saml/v2/identity/claims/subject" />
@@ Line 159: / Line 159: @@
 ===== Lessons Learned =====
-The default binding type of the SAML-Request is created as a redirect.
+The default binding type of the SAML Request is ''redirect''.
-Some IDP (f.e. at Renault) doesn´t work with that type and rather need a POST-Request.
+Some IDPs do not work with that type and rather need a POST Request. This can only be found out on the IDP.
-This can be configured in the identity-provide section of the config.xml:
+This can be configured in the ''identity-provider''  section via
 <code>
 sendBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
 </code>
-There a re no easy options to fint it out, because the IDP only seems to deny the Request (without telling the concrete reason in the response). Only at IDP (→ mostly customer) the problem can be identified.