You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/authenticate/enterprise-connections/advanced-saml-configurations.mdx
+4-3Lines changed: 4 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -28,21 +28,21 @@ The Name ID you select in Kinde must be supported and configured in your IdP.
28
28
29
29
## Sign request algorithm
30
30
31
-
The Sign Request Algorithm defines the cryptographic algorithm used to sign SAML requests (AuthnRequest) and/or responses. Signing ensures the authenticity and integrity of SAML messages.
31
+
The Sign Request Algorithm defines the cryptographic algorithm used to sign SAML requests (AuthnRequest). Signing ensures the authenticity and integrity of SAML messages.
32
32
33
33
Available algorithms:
34
34
-**RSA-SHA256**: A commonly used and secure option.
35
35
-**RSA-SHA1**: Older and less secure; often deprecated.
36
36
37
-
Secure configurations favor SHA256 or higher algorithms to protect against vulnerabilities.
37
+
Secure configurations favor SHA256 or stronger algorithms to protect against vulnerabilities.
38
38
39
39
## Protocol binding
40
40
41
41
Protocol Binding refers to the transport mechanism used to send the SAML authentication request from Kinde to your IdP.
42
42
43
43
Common Binding Types:
44
44
-**HTTP Redirect Binding**: The SAML request is sent as a URL parameter using a GET request. It is lightweight but limited in message size.
45
-
-**HTTP POST Binding**: The SAML request is sent via an HTML form using a POST request. It supports larger payloads and is commonly used for transmitting signed requests.
45
+
-**HTTP POST Binding**: The SAML request is sent via an HTML form using the POST method. It supports larger payloads and is commonly used for transmitting signed requests.
46
46
47
47
The choice of binding affects security, performance, and compatibility. POST Binding is generally preferred for secure communications due to its ability to handle signed messages and larger payloads.
48
48
@@ -54,6 +54,7 @@ Kinde-supported key attributes:
54
54
55
55
- Email Address: The user’s email, often used for identification or communication.
56
56
- First Name / Last Name: Used for personalization or internal system mapping.
57
+
- User ID: The attribute in the SAML token that contains the user ID.
57
58
58
59
Only configure key attributes if supported by your IdP.
0 commit comments