Common parameters and context

Common parameters

Common parameters are parameters that all protocol agnostic authenticators have in common. These are: 

  • setSSOParameters -- Whether or not SSO parameters should be set upon successful execution of the authenticator (suggestion, read the solution document "Single sign on for Protocol Agnostic Authenticators" before using this)

Accessing the current authentication context

Before each authenticator's main pipe (and the SAML IdP's default assertion pipe) is run, the request has some context parameters added to it. This context is simply some key parameters from the authentication request that might be of interest to look at during the authentication flow. These context parameters are the same which are available in AgnosticDispatcher, but with slightly different format. The values are accessible inside a pipe with the following syntax: 

  • {{request.contextrequestissuer}} -- The request issuer, (if protocol is OIDC, == client_id, if protocol is SAML, == SP entity ID, if protocol is internal, == successUrl)
  • {{request.contextprotocol}} -- The context protocol, can be OIDC, SAML or Internal
  • {{request.contextrequestedauthenticationcontext}} -- The requested authentication context (if OIDC, == acr_values, if SAML, "RequestedAuthnContext")
  • {{request.contextloginhint}} -- The OIDC login hint
  • {{request.contextbindingishok}} -- If the SAML binding used is a holder-of-key binding
  • {{request.contextsignmessage}} -- The SAML Sign Message
  • {{request.contextissignrequest}} -- Shorthand for if a SAML Sign Message is present