freudsfreund

Reputation: 143

Using a string instead of URL as an entityID with SAML

We are implementing an SSO with SAML and Moodle 3.3's plugin https://moodle.org/plugins/auth_saml2

Usually Moodle provides an entityID as a URL, for example:

entityID="https://mymoodlesite.com/auth/saml2/sp/metadata.php"

Our partner is requesting in this case a simple string, something like:

external-moodle

According to the SAML specifications, entityID could only be a URL. Is there a workaround with the example above?

Upvotes: 0

Views: 2348

Answers (1)

Bernhard Thalmayr

Reputation: 2744

The SAML metadata schema defines entityID as

<simpleType name="entityIDType">
    <restriction base="anyURI">
        <maxLength value="1024"/>   
    </restriction>
</simpleType>

anyURI is defined at https://www.w3.org/TR/2006/WD-xmlschema11-2-20060217/#anyURI

Even using

external-moodle 

as entityID would pass the SAML metadata schema check. For interoperability it SHOULD be a URL - https://www.oasis-open.org/committees/download.php/51890/SAML%20MD%20simplified%20overview.pdf

Upvotes: 2
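
The two checks discussed in the answer above (the schema's `maxLength` of 1024 and the recommendation to use a URL for interoperability), as an added Python example that is not part of the original post or of the auth_saml2 plugin. The function names and the sample metadata are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
MAX_LEN = 1024  # maxLength from the entityIDType definition quoted above

# Constructed sample metadata, reduced to the attribute under discussion.
SAMPLE_URL = (f'<EntityDescriptor xmlns="{MD_NS}" '
              'entityID="https://mymoodlesite.com/auth/saml2/sp/metadata.php"/>')
SAMPLE_STRING = f'<EntityDescriptor xmlns="{MD_NS}" entityID="external-moodle"/>'


def classify_entity_id(entity_id):
    """Return 'url', 'absolute-uri' (e.g. a urn:) or 'plain-string'."""
    parts = urlsplit(entity_id)
    if parts.scheme in ("http", "https") and parts.netloc:
        return "url"
    if parts.scheme:
        return "absolute-uri"
    return "plain-string"


def check_metadata(metadata_xml):
    """Extract entityID from SAML metadata and report on both checks."""
    # The samples here are trusted and constructed; for metadata received
    # from a third party, parse with a hardened parser such as defusedxml.
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD_NS}}}EntityDescriptor":
        raise ValueError("root element is not md:EntityDescriptor")
    entity_id = root.get("entityID")
    if entity_id is None:
        raise ValueError("entityID attribute is missing")
    form = classify_entity_id(entity_id)
    return {
        "entity_id": entity_id,
        "within_max_length": len(entity_id) <= MAX_LEN,  # schema restriction
        "form": form,
        "interop_warning": form != "url",  # the SHOULD from the answer
    }


if __name__ == "__main__":
    for sample in (SAMPLE_URL, SAMPLE_STRING):
        print(check_metadata(sample))
```
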
