Signed SAML Requests: Algorithm and Digest Defaults

andrew.miller · December 17, 2022, 12:22am

When creating a SAML Enterprise connection, the portal allows you to enable Sign Requests without specifying an algorithm or algorithm digest.

What’s the behavior if you don’t specify these values? Are requests not signed? Or is a default algorithm and digest used?

david_wisecarver · December 20, 2022, 10:54pm

Thank you for asking about this. The request is signed and these are the default settings with Sign Request enabled:

Hope this helps!

Thanks,
Dave

andrew.miller · December 20, 2022, 11:08pm

Awesome, thanks David.

Defaulting like this makes sense but FWIW I couldn’t find this in the documentation anywhere.

system · January 3, 2023, 11:08pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SAML Request sign configuration if no option is selected Knowledge Articles connection , saml2 , default , sign-configuration	1	1096	April 11, 2023
Change SAML Signature Algorithm from SHA1 to SHA2 Knowledge Articles sha1 , sha2 , saml2 , encrypt	1	1275	February 10, 2024
Custom Signing Cert on Enterprise Connections Help management-api , connections-management-api	2	27	November 22, 2024
Enterprise Connection SAML Error: 'fail to compute signature' Help connections , saml-enterprise-connection	0	892	June 29, 2023
Use a Custom Certificate to Sign SAML Requests Knowledge Articles certificate , custom , saml-enterprise-connections	1	2052	January 28, 2023