MindTouch Success Center

MindTouch-supported Active Directory Federation Services (ADFS) SAML SSO features

This page applies to: MindTouch (current)

This article reviews the SAML SSO features MindTouch supports for ADFS.
 

Supported SAML SSO features for ADFS


MindTouch integrates with ADFS as a service provider (SP), trusting ADFS as its identity provider (IdP). The table below lists the standard SAML single sign-on (SSO) and single logout (SLO) scenarios and endpoints MindTouch supports for ADFS.
 

| Feature | Supported? | Method |
| --- | --- | --- |
| SP-initiated SAML 2.0 SSO | Yes | SP redirect request, IdP POST response |
| SP-initiated SAML 2.0 SLO | Yes | SP redirect request, IdP redirect response |
| IdP-initiated SAML 2.0 SSO | Yes | IdP POST request |
| IdP-broadcasted SAML 2.0 SLO | Yes | SP redirect request, IdP redirect response |
| SP metadata download | Yes | http://example.com/@app/saml/metadata |
| SP public X.509 certificate download | Yes | If available: http://example.com/@app/saml/certificate |
| SP-IdP public X.509 certificate synchronization | No | IdP public X.509 certificate must be manually updated in the MindTouch SP (either by IdP metadata or certificate file) |
| SP-IdP message signing and verification | Yes | MindTouch signs outgoing messages with SHA1 |
| IdP-SP message & assertion signing and verification | Yes | SHA1 and SHA256 signatures are allowed |
| IdP-SP assertion encryption and decryption | Yes | AES-128, AES-256, and Triple DES encryption algorithms are allowed |
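
The IdP-SP signing and encryption rows above can be turned into a check that is run over a captured ADFS response to confirm that its algorithms fall within what the table lists. This is an added example, not MindTouch or ADFS code: the names `check_algorithms` and `SAMPLE` and the sample response are constructed for illustration, and it assumes that any key type and any cipher mode of the listed hash and cipher families is acceptable, which the table does not state.

```python
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
XENC = "{http://www.w3.org/2001/04/xmlenc#}"
# Algorithm families the table lists as accepted from the IdP.
ALLOWED_HASHES = {"sha1", "sha256"}
ALLOWED_CIPHERS = {"aes128", "aes256", "tripledes"}

# Constructed sample: algorithm-bearing skeleton of an IdP response (no real data).
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
 xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
 <ds:Signature><ds:SignedInfo>
  <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
  <ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/></ds:Reference>
 </ds:SignedInfo></ds:Signature>
 <saml:EncryptedAssertion><xenc:EncryptedData>
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
  <ds:KeyInfo><xenc:EncryptedKey>
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
  </xenc:EncryptedKey></ds:KeyInfo>
 </xenc:EncryptedData></saml:EncryptedAssertion>
</samlp:Response>"""

def _frag(uri):
    return uri.rsplit("#", 1)[-1].lower()  # 'rsa-sha256', 'aes256-cbc', ...

def check_algorithms(xml_text):
    """Return (element, algorithm URI, accepted?) for each signature and cipher."""
    root = ET.fromstring(xml_text)  # use only on responses you captured yourself
    findings = []
    for tag in ("SignatureMethod", "DigestMethod"):
        for el in root.iter(DS + tag):
            uri = el.get("Algorithm", "")
            # The hash family is the last '-' token of the URI fragment.
            findings.append((tag, uri, _frag(uri).split("-")[-1] in ALLOWED_HASHES))
    for data in root.iter(XENC + "EncryptedData"):
        # Direct child only: the EncryptionMethod inside EncryptedKey is key
        # transport, which the table does not cover.
        method = data.find(XENC + "EncryptionMethod")
        uri = method.get("Algorithm", "") if method is not None else ""
        findings.append(("EncryptionMethod", uri,
                         _frag(uri).split("-")[0] in ALLOWED_CIPHERS))
    return findings

if __name__ == "__main__":
    for element, uri, ok in check_algorithms(SAMPLE):
        print("OK  " if ok else "FAIL", element, uri)
```

In the constructed sample the SHA-512 signature method is flagged, while the SHA-256 digest and the AES-256 assertion cipher pass.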