SAML Subject Confirmation | String. Select one of the following SAML subject confirmation methods: | ||
Value | Description | ||
Holder of Key | Default. Select this option if consumers use the SAML V1.1 or V2.0 Holder-of-Key Web Browser SSO Profile, which allows for transport of holder-of-key assertions. In this scenario, the consumer presents a holder-of-key SAML assertion acquired from its preferred identity provider to access a web-based resource at a service provider. If you select Holder of Key, Mediator also implicitly selects the “timestamp” and “signing” assertions to the virtual service definition (VSD). Thus, you should not add the “”Require Timestamps” and “Require Signing” policy actions to a virtual service if the “Require WSS SAML Token” action is already applied. | ||
Bearer | Select this option if consumers use SAML V1.1 Bearer token authentication, in which a Bearer token mechanism relies upon bearer semantics as a means by which the consumer conveys to Mediator the sender's identity. If you select Bearer, the “timestamp” and “signing” assertions will be added to the virtual service definition (VSD).
| ||
SAML Version | String. Specifies the WSS SAML Token version to use: 1.1 or 2.0. |