auth.saml.algorithm

Background

Specify the SAML signature/digest algorithm name to use with OpenSAML. This setting applies to both public and administration interfaces.

The only currently permitted values are sha1 (the default, for legacy reasons) and sha256 (the recommended value for security, and compatible with most modern IdPs).

Setting the key

Set this configuration key in the server configuration.

Use the configuration key editor to add or edit the auth.saml.algorithm key and set its value. The value must be one of the allowed SAMLAlgorithm values: sha1 or sha256.

Default value

auth.saml.algorithm=sha1

Examples

Set the signature/digest algorithm to sha256 (compatible with ADFS):

auth.saml.algorithm=sha256
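
To confirm the setting took effect, inspect a signed SAML message issued by the server and check the algorithm URIs it declares. The script below is an added example, not part of the product or its documentation: it assumes the message is available as decoded XML with an embedded ds:Signature, the sample messages are constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET  # for untrusted XML, parse with defusedxml instead

DS = "{http://www.w3.org/2000/09/xmldsig#}"  # XML-DSig namespace

# Constructed sample: a message signed under the default setting (sha1).
# Digest and signature values are placeholders, not real signatures.
SAMPLE_SHA1 = """<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_constructed1" Version="2.0">
  <ds:Signature><ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference URI="#_constructed1">
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <ds:DigestValue>PLACEHOLDER</ds:DigestValue>
    </ds:Reference>
  </ds:SignedInfo><ds:SignatureValue>PLACEHOLDER</ds:SignatureValue></ds:Signature>
</samlp:AuthnRequest>"""

# Constructed sample: the same message as it would look with sha256 algorithms.
SAMPLE_SHA256 = (SAMPLE_SHA1
    .replace("http://www.w3.org/2000/09/xmldsig#rsa-sha1",
             "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
    .replace("http://www.w3.org/2000/09/xmldsig#sha1",
             "http://www.w3.org/2001/04/xmlenc#sha256"))

def hash_of(uri):
    """Return the hash name ending an XML-DSig algorithm URI (rsa-sha256 -> sha256)."""
    return uri.rsplit("#", 1)[-1].rsplit("-", 1)[-1].lower()

def algorithms(xml_text):
    """Collect (element, hash) pairs for every SignatureMethod and DigestMethod."""
    root = ET.fromstring(xml_text)
    found = []
    for tag in ("SignatureMethod", "DigestMethod"):
        for el in root.iter(DS + tag):
            found.append((tag, hash_of(el.get("Algorithm", ""))))
    return found

def check(xml_text, expected="sha256"):
    """Return a list of problems; an empty list means every algorithm matches."""
    found = algorithms(xml_text)
    if not found:
        return ["no ds:Signature found: message is unsigned"]
    return [f"{tag} uses {h}, expected {expected}" for tag, h in found if h != expected]

if __name__ == "__main__":
    for name, doc in (("sha1 sample", SAMPLE_SHA1), ("sha256 sample", SAMPLE_SHA256)):
        print(name, "->", check(doc) or "OK")
```

Messages sent with the HTTP-Redirect binding carry the signature algorithm in the SigAlg query parameter rather than in the XML, so this check does not cover them.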