Used when authentication is based data not provided by an end user (header or a token). Often sent from a reverse proxy.


Name Description Default value Mandatory
idpID The iternal identifier of the idp used N/A Yes
pipeID Id of the pipe used to issue the SAML assertion N/A Yes
samlAuthMethod What value is set in the AuthnContextClassRef urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport No
requiredParameter If configured, the system will look for presence of the paramater before executing the pipe. Missing presence will result in aborting the execution No
strictValidation Whether or not additional validation checks should be made on the SAMLRequest. false No

Example Configuration

    "alias": "samldispatch",
    "name": "HeaderSAML",
    "configuration": {
        "idpID": "idp",


The response must include a parameter called username that may not be empty.