Design

Design#

The Authentication SAML Module introduces some new routes:

  • GET /<database>/authentication/saml/<identity>/login: redirect to the identity provider location with a prepared request using the next argument as relay state.

  • GET /<database>/authentication/saml/<identity>/metadata: return the metadata XML of the service provider.

  • POST /<database>/authentication/saml/<identity>/acs: verify the authentication request and redirect to the relay state.