...
Introduction
A SAML Authentication Request is initiated by the service provider / client to request the identity provider to authenticate a user. This request is typically generated when a user attempts to access a service that requires authentication and their current session is not authenticated. The request informs the identity provider that a user needs verification and prompts the IdP to either initiate a login process or verify the existing authentication state.
...
ProxyCount
: This optional attribute specifies the maximum number of proxying hops that are permitted to occur when processing this request. This feature is currently not yet implemented.IDPList
: A list of IdPs that are allowed or suggested to be used for handling the request. This is particularly useful in scenarios where the user or the service provider wants to limit which IdPs can respond.
...
ProviderID
: The unique identifier of the IdP, which has to match theauthentication scheme
of the external identity provider in the CoreOne Suite Configuration.Name
: A human-readable name for the IdP, useful in user interfaces.Loc
: An optional attribute that provides a location (URL) where the IdP can be reached.
...
Consider a scenario where a service provider wants to ensure that authentication requests are handled only by specific IdPs. Here is an example of how a SAML AuthnRequest AuthN Request with scoping might be structured:
...