So I’m trying to configure a SAML connection but the client uses shibboleth. I’m not sure how this is used since their metadata seems to have a signing certificate and encoded. Also, they have provided mutiple sign-on and logout URL’s. I have not seen any documentation that helps explain this kind of setup. Does Auth0 support Shibboleth?
The certificate in SAML metadata is base64 encoded but not in the PEM format that the dashboard requires for the certificate upload. I have a link in the other post to a tool that will format the certificate appropriately. I also mention which URL is usually the correct one. HTTP-Redirect in most cases. Some IdPs may expect the SAML request as a POST, and then you would use the HTTP-POST binding URL. This is often required if the IdP requires signed authentication requests.