FidoAuthenticatorSAML

Used when acting as an IDP and using FIDO2 token as the authentication method. Authentication is done by using a user name and a  pre-enrolled FIDO token.

Properties

Name Description Default value Mandatory
idpID The internal identifier of the idp used N/A Yes
pipeID Id of the pipe used to issue the SAML assertion N/A Yes
samlAuthMethod What value is set in the AuthnContextClassRef urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient No
loginTemplate UI template used for rendering enduser UI fido2.template No
userNameParamName Parameter where password resides in the incoming request username Yes

Example Configuration 

{
    "alias": "fidoauth",
    "name": "FidoAuthenticatorSAML",
    "configuration": {
        "idpID": "idp",
        "pipeID":"tokenPipe",
        "servicename":"Acme"
}

Requirements

User must have at least one FIDO token enrolled.