Design#
The Authentication SAML Module introduces some new routes:
GET
/<database>/authentication/saml/<identity>/login
: redirect to the identity provider location with a prepared request using thenext
argument as relay state.
GET
/<database>/authentication/saml/<identity>/metadata
: return the metadata XML of the service provider.
POST
/<database>/authentication/saml/<identity>/acs
: verify the authentication request and redirect to the relay state.