You are here

Home » API reference » SAML Service Provider 8.3

saml_sp.schema.yml in SAML Service Provider 8.3

Same filename and directory in other branches
  1. 8.2 config/schema/saml_sp.schema.yml
  2. 7.8 config/schema/saml_sp.schema.yml
  3. 4.x config/schema/saml_sp.schema.yml
  4. 3.x config/schema/saml_sp.schema.yml
config/schema/saml_sp.schema.yml

File

config/schema/saml_sp.schema.yml
View source 
  1. saml_sp.settings:

  2.   type: config_object

  3.   label: 'Settings'

  4.   mapping:

  5.     contact:

  6.       type: mapping

  7.       label: 'Contact'

  8.       mapping:

  9.         technical:

  10.           type: mapping

  11.           label: 'Technical'

  12.           mapping:

  13.             name:

  14.               type: string

  15.               label: 'Name'

  16.             email:

  17.               type: email

  18.               label: 'Email'

  19.         support:

  20.           type: mapping

  21.           label: 'Support'

  22.           mapping:

  23.             name:

  24.               type: string

  25.               label: 'Name'

  26.             email:

  27.               type: email

  28.               label: 'Email'

  29.     organization:

  30.       type: mapping

  31.       label: 'Organization'

  32.       mapping:

  33.         name:

  34.           type: string

  35.           label: 'Name'

  36.           description: 'This is a short name for the organization'

  37.         display_name:

  38.           type: string

  39.           label: 'Display Name'

  40.           description: 'This is a long name for the organization'

  41.         url:

  42.           type: string

  43.           label: 'URL'

  44.           description: 'This is a URL for the organization'

  45.     strict:

  46.       type: boolean

  47.       label: 'Strict'

  48.       description: 'SAML 2 Strict protocol will be used.'

  49.     security:

  50.       type: mapping

  51.       label: Security

  52.       mapping:

  53.         nameIdEncrypted:

  54.           type: boolean

  55.           label: 'NameID Encrypted'

  56.         authnRequestsSigned:

  57.           type: boolean

  58.           label: 'Authn Requests Signed'

  59.         logoutRequestSigned:

  60.           type: boolean

  61.           label: 'Logout Requests Signed'

  62.         logoutResponseSigned:

  63.           type: boolean

  64.           label: 'Logout Response Signed'

  65.         wantMessagesSigned:

  66.           type: boolean

  67.           label: 'Want Messages Signed'

  68.         wantAssertionsSigned:

  69.           type: boolean

  70.           label: 'Want Assertions Signed'

  71.         wantNameIdEncrypted:

  72.           type: boolean

  73.           label: 'Want NameID Encrypted'

  74.         signMetaData:

  75.           type: boolean

  76.           label: 'Sign Meta Data'

  77.         signatureAlgorithm:

  78.           type: string

  79.           label: 'Signature Algorithm'

  80.         lowercaseUrlencoding:

  81.           type: boolean

  82.           label: 'Lowercase Url Encoding'

  83.     cert_location:

  84.       type: string

  85.       label: 'Certificate Location'

  86.       description: 'The location of the X.509 certificate file on the server. This must be a location that PHP can read.'

  87.     key_location:

  88.       type: string

  89.       label: 'Key Location'

  90.       description: 'The location of the x.509 key file on the server. This must be a location that PHP can read.'

  91.     new_cert_location:

  92.       type: string

  93.       label: 'New Certificate Location'

  94.       description: 'The location of the x.509 certificate file on the server. If the certificate above is about to expire add your new certificate here after you have obtained it. This will add the new certificate to the metadata to let the IdP know of the new certificate. This must be a location that PHP can read.'

  95.     entity_id:

  96.       type: string

  97.       label: 'Entity ID'

  98.       description: 'The unique identifier that the IdP intentifies this site for the Relying Party Trust.'

  99.     debug:

  100.       type: boolean

  101.       label: 'Debug Mode'

  102. 

  103. 

  104. saml_sp.idp.*:

  105.   type: config_entity

  106.   label: 'SAML Identity Provider'

  107.   mapping:

  108.     label:

  109.       type: label

  110.       label: 'Name'

  111.     id:

  112.       type: string

  113.       label: 'Machine-readable name'

  114.     entity_id:

  115.       type: string

  116.       label: 'Entity ID'

  117.       description: 'The entityID identifier which the Identity Provider will use to identiy itself by, this may sometimes be a URL.'

  118.     app_name:

  119.       type: string

  120.       label: 'App name'

  121.       description: 'The app name is provided to the Identiy Provider, to identify the origin of the request.'

  122.     nameid_field:

  123.       type: string

  124.       label: 'NameID field'

  125.       description: 'Mail is usually used between IdP and SP, but if you want to let users change the email address in IdP, you need to use a custom field to store the ID.'

  126.     login_url:

  127.       type: string

  128.       label: 'IdP login URL'

  129.       description: 'Login URL of the Identity Provider server.'

  130.     logout_url:

  131.       type: string

  132.       label: 'IdP logout URL'

  133.       description: 'Logout URL of the Identity Provider server.'

  134.     x509_cert:

  135.       type: sequence

  136.       label: 'X.509 certificates'

  137.       description: 'Enter the application certificate provided by the IdP.'

  138.       sequence:

  139.         type: string

  140.     authn_context_class_ref:

  141.       type: sequence

  142.       label: 'Authentication methods'

  143.       description: 'What authentication methods would you like to use with this IdP?'

  144.       sequence:

  145.         type: string