-
Notifications
You must be signed in to change notification settings - Fork 24
3. Configuration
Enter settings on the Plugin Page
Force SSO login or allow visitors to login using internal GLPI authentication (useful for testing).
PHPSAML setting rejects unsigned or unencrypted messages and follows SAML standard strictly
If 'strict' is True, then the PHP Toolkit will reject unsigned or unencrypted messages if it expects them to be signed or encrypted. Also it will reject the messages if the SAML standard is not strictly followed: Destination, NameId, Conditions ... are validated too. Read More
Logs to the GLPI PHP log
Just in Time Provisioning adds the authenticated user to GLPI if it does not already exist
Your webserver certificate. This field is required if using Strict mode or signing responses.
Your webserver certificate private key. This field is required if using Strict mode or signing responses.
NameID format required by your IdP. You can change the NameID that is sent from PHPSAML to the IdP or leave as unspecified. Unspecified will work in most cases but some IdPs expect a specific NameID format. Sending an incorrect NameID will result in a SAML Response error.