Signed SAML Requests: Algorithm and Digest Defaults

When creating a SAML Enterprise connection, the portal allows you to enable Sign Requests without specifying an algorithm or algorithm digest.


What’s the behavior if you don’t specify these values? Are requests not signed? Or is a default algorithm and digest used?

Hi @andrew.miller,

Thank you for asking about this. The request is signed and these are the default settings with Sign Request enabled:

  • Signed Request Signature Algorithm: defaults to RSA-SHA256

  • Signed Request Signature Digest: defaults to SHA256

  • Request Protocol Binding: defaults to HTTP-Redirect

Hope this helps!



Awesome, thanks David.

Defaulting like this makes sense but FWIW I couldn’t find this in the documentation anywhere.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.