Versions Compared

Old Version 15

changes.mady.by.user Former user

Saved on

compared with

New Version 16

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note
titleAdditional configurations
  • Expand
    titleClick here to expand for more information on signature algorithms.

    The following table provides the list of signature algorithms available and their respective URI.

    Signature algorithm nameSignature algorithm URI
    DSA with SHA1 http://www.w3.org/2000/09/xmldsig#dsasha1
    ECDSA with SHA1 http://www.w3.org/2001/04/xmldsigmore#ecdsasha1
    ECDSA with SHA256 http://www.w3.org/2001/04/xmldsigmore#ecdsasha256
    ECDSA with SHA384 http://www.w3.org/2001/04/xmldsigmore#ecdsasha384
    ECDSA with SHA512 http://www.w3.org/2001/04/xmldsigmore#ecdsasha512
    RSA with MD5 http://www.w3.org/2001/04/xmldsigmore#rsamd5
    RSA with RIPEMD160 http://www.w3.org/2001/04/xmldsigmore#rsaripemd160
    RSA with SHA1 http://www.w3.org/2000/09/xmldsig#rsasha1
    RSA with SHA256http://www.w3.org/2001/04/xmldsigmore#rsasha256
    RSA with SHA384 http://www.w3.org/2001/04/xmldsigmore#rsasha384
    RSA with SHA512 http://www.w3.org/2001/04/xmldsigmore#rsasha512
  • Expand
    titleClick here to expand for more information on digest algorithms.

    The following table provides the list of digest algorithms available and their respective URI.

    Digest algorithm nameDigest algorithm URI
    MD5 http://www.w3.org/2001/04/xmldsigmore#md5
    RIPEMD160http://www.w3.org/2001/04/xmlenc#ripemd160
    SHA1http://www.w3.org/2000/09/xmldsig#sha1
    SHA256http://www.w3.org/2001/04/xmlenc#sha256
    SHA384 http://www.w3.org/2001/04/xmldsigmore#sha384
    SHA512http://www.w3.org/2001/04/xmlenc#sha512


  • If you need to sign the SAML response using an authenticated user's tenant keystore, please add the following configuration. (By default, the response is signed using the certificate that belongs to the tenant where the service provider is registered). This property must be added if the SAML authenticator version in the WSO2 Carbon products that you are using is 4.2.2 or higher (org.wso2.carbon.identity.authenticator.saml2.sso_4.2.2.jar).

    Add the <UseAuthenticatedUserDomainCrypto> property available in the     <IS_HOME>/repository/conf/identity.xml file as shown below.

    Code Block
    languagexml
    <SSOService>
...
	<UseAuthenticatedUserDomainCrypto>true<UseAuthenticatedUserDomainCrypto>
</SSOService>

Anchor
OAuth
OAuth

Configuring OAuth/OpenID Connect

...