9-setup-instructions
docker run -d --name saml-auth-service -p 8192:8080 --env-file config.env --restart unless-stopped -v ./logs:/app/logs:rw us-central1-docker.pkg.dev/cve-buster/sec1-public-repo/saml-auth-service:latest
# SAML Auth Service - Client Configuration
# Copy this file to .env and update the values for your environment
# =============================================================================
# REQUIRED: Application URLs (Update with your domain)
# =============================================================================
APP_BASE_URL=
APP_FRONTEND_URL=
APP_SUCCESS_REDIRECT=/?token={jwt}
APP_ERROR_REDIRECT=/?error={error}

# =============================================================================
# REQUIRED: SAML Service Provider (SP) Configuration
# =============================================================================
SAML_SP_ENTITY_ID=
SAML_SP_ACS_URL=
SAML_SP_METADATA_URL=

# =============================================================================
# REQUIRED: SAML Identity Provider (IdP) Configuration
# Update these with your IdP settings (Okta, Azure AD, etc.)
# =============================================================================
SAML_IDP_ENTITY_ID=
SAML_IDP_SSO_URL=
SAML_IDP_CERTIFICATE=

# =============================================================================
# REQUIRED: JWT Configuration (Generate a secure secret key)
# =============================================================================
JWT_SECRET=your-very-secure-jwt-secret-key-here-minimum-32-characters
JWT_EXPIRATION_HOURS=8

# =============================================================================
# REQUIRED: Organization Configuration
# =============================================================================
TEAM_DEFAULT_ORG=

# =============================================================================
# OPTIONAL: Server Configuration (Use defaults if not specified)
# =============================================================================
HOST_PORT=8192
SPRING_PROFILE=prod

# =============================================================================
# OPTIONAL: SAML Attribute Mapping (Use defaults if your IdP uses standard claims)
# =============================================================================
SAML_ATTR_EMAIL=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress,email,mail
SAML_ATTR_FIRST_NAME=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname,firstName,givenName
SAML_ATTR_LAST_NAME=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname,lastName,sn
SAML_ATTR_DEPARTMENT=department,ou,organizationalUnit
SAML_ATTR_SUBDEPARTMENT=subdepartment,organizationalUnit,ou

# =============================================================================
# OPTIONAL: Single Logout (Leave empty to disable SLO)
# =============================================================================
SAML_SP_SLO_URL=https://your-domain.com/auth/saml/logout
SAML_IDP_SLO_URL=

# =============================================================================
# OPTIONAL: Security Settings (Use defaults if not specified)
# =============================================================================
SAML_SP_WANT_ASSERTIONS_SIGNED=true
SAML_SP_SIGN_REQUESTS=false
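
A preflight check for the configuration file above, meant to run before the container is started. This is an added example, not part of the service's own tooling: the function names env_get and check_saml_env are hypothetical, and it assumes SAML_SP_WANT_ASSERTIONS_SIGNED defaults to true when unset, as the template's listed value suggests.

```shell
#!/bin/sh
# Preflight check for the env file passed to `docker run --env-file`.
# Added example; env_get and check_saml_env are hypothetical helper names.

# Print the value of key $2 from file $1 (last assignment wins, comments ignored).
# Docker reads env-file values literally, so quotes count as part of the value.
env_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# Print one line per problem; return 0 if the file is clean, 1 otherwise.
check_saml_env() {
    file=$1
    problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

    # Keys the template marks REQUIRED and ships empty must be filled in.
    for key in APP_BASE_URL APP_FRONTEND_URL SAML_SP_ENTITY_ID SAML_SP_ACS_URL \
               SAML_SP_METADATA_URL SAML_IDP_ENTITY_ID SAML_IDP_SSO_URL \
               SAML_IDP_CERTIFICATE JWT_SECRET TEAM_DEFAULT_ORG; do
        [ -n "$(env_get "$file" "$key")" ] || fail "$key is empty or missing"
    done

    # JWT_SECRET: reject the template placeholder and anything under 32 characters.
    secret=$(env_get "$file" JWT_SECRET)
    case $secret in
        your-very-secure-jwt-secret-key-here*)
            fail "JWT_SECRET is still the template placeholder" ;;
    esac
    [ "${#secret}" -ge 32 ] || fail "JWT_SECRET is shorter than 32 characters"

    # Accepting unsigned assertions removes the proof that they came from the IdP.
    # Assumption: the service treats an unset value as true.
    signed=$(env_get "$file" SAML_SP_WANT_ASSERTIONS_SIGNED)
    [ "${signed:-true}" = "true" ] || fail "SAML_SP_WANT_ASSERTIONS_SIGNED must be true"

    [ "$problems" -eq 0 ]
}
```

Source the functions and gate the container start on the result, for example `check_saml_env config.env && docker run ...` with the command shown at the top of this page.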