CentraSite Documentation : Runtime Governance with CentraSite : Run-Time Governance Reference : Built-In Run-Time Actions Reference for APIs : Run-Time Actions Reference : Require WSS SAML Token
Require WSS SAML Token
When this action is configured for a proxy API, Mediator uses a WSS Security Assertion Markup Language (SAML) assertion token to validate clients for an API.
Note:  
For information about configuring your system for SAML token processing, see Administering webMethods Mediator .
Input Parameters
SAML Subject Confirmation
String Specifies the SAML subject confirmation methods:
Value
Description
Holder of Key
Default. Select this option if clients use the SAML V1.1 or V2.0 Holder-of-Key Web Browser SSO Profile, which allows for transport of holder-of-key assertions. In this scenario, the client presents a holder-of-key SAML assertion acquired from its preferred identity provider to access a web-based resource at an API provider.
If you select Holder of Key, Mediator also implicitly selects the “timestamp” and “signing” assertions to the virtual service definition (VSD). Thus, you should not add the “”Require Timestamps” and “Require Signing” actions to the API if the “Require WSS SAML Token” action is already applied.
Bearer
Select this option if clients use the SAML V1.1 Bearer token authentication, in which a Bearer token mechanism relies upon bearer semantics as a means by which the client conveys to Mediator the sender's identity.
If you select Bearer, the “timestamp” and “signing” assertions will be added to the virtual service definition (VSD).
Note:  
If clients use SAML 2.0 Sender-Vouches tokens, configure your system as described in Administering WebMethods Mediator.
SAML Version
String Specifies the WSS SAML Token version to use: 1.1 or 2.0.
Copyright © Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback