/
ProtocolsAndInterfaces

The Shibboleth IdP V3 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP4 wiki space for current documentation on the supported version.

ProtocolsAndInterfaces

Jul 06, 2018

The following standardized protocol interfaces are supported:

Protocol

Binding

Endpoint

Profile ID

SAML 2.0 Browser SSO

HTTP-Redirect

/profile/SAML2/Redirect/SSO

 

http://shibboleth.net/ns/profiles/saml2/sso/browser
BrowserSSOProfileConfiguration.PROFILE_ID



 

HTTP-POST

/profile/SAML2/POST/SSO

 

HTTP-POST-SimpleSign

/profile/SAML2/POST-SimpleSign/SSO

 

Shibboleth Protocol (proprietary)

/profile/SAML2/Unsolicited/SSO

SAML 2.0 Enhanced Client/Proxy

SOAP 1.1

/profile/SAML2/SOAP/ECP

http://shibboleth.net/ns/profiles/saml2/sso/browser
ECPProfileConfiguration.PROFILE_ID

SAML 2.0 Single Logout

HTTP-Redirect

/profile/SAML2/Redirect/SLO

 

 

HTTP-POST

/profile/SAML2/POST/SLO

 

 

HTTP-POST-SimpleSign

/profile/SAML2/POST-SimpleSign/SLO

 

 

SOAP 1.1

/profile/SAML2/SOAP/SLO

 

SAML 2.0 Attribute Query

SOAP 1.1

/profile/SAML2/SOAP/AttributeQuery

http://shibboleth.net/ns/profiles/saml2/query/attribute
AttributeQueryProfileConfiguration.PROFILE_ID

SAML 2.0 Artifact Resolution

SOAP 1.1

/profile/SAML2/SOAP/ArtifactResolution

http://shibboleth.net/ns/profiles/saml2/query/artifact
ArtifactQueryProfileConfiguration.PROFILE_ID

SAML 1.1 Browser SSO

Shibboleth Protocol (proprietary)

/profile/Shibboleth/SSO

 

SAML 1.1 Attribute Query

SOAP 1.1

/profile/SAML1/SOAP/AttributeQuery

 

SAML 1.1 Artifact Resolution

SOAP 1.1

/profile/SAML1/SOAP/ArtifactResolution

 

ID-WSF Single Sign-On Service

SOAP 1.1

/profile/IDWSF/SSOS

 

CAS 2 Login

 

/profile/cas/login

 

CAS 2 Proxy Login

 

/profile/cas/proxy

 

CAS 2 Logout

 

/profile/cas/logout

 

CAS 2 Ticket Validation

 

/profile/cas/serviceValidate

 

CAS 2 Proxy Ticket Validation

 

/profile/cas/proxyValidate

 

CAS 2 SAML Validation

 

/profile/cas/samlValidate

 

The following proprietary interfaces are supported:

Logout

 

/profile/Logout

 

The following administrative interfaces are supported:

Status

 

/status

http://shibboleth.net/ns/profiles/status

Attribute Resolver/Filter

 

/profile/admin/resolvertest

http://shibboleth.net/ns/profiles/resolvertest

Reload Service Configuration

 

/profile/admin/reload-service

http://shibboleth.net/ns/profiles/reload-service-configuration

Reload Metadata Resolver

 

/profile/admin/reload-metadata

http://shibboleth.net/ns/profiles/reload-metadata

Lockout

 

/profile/admin/lockout

http://shibboleth.net/ns/profiles/lockout-manager

Metadata Query

 

/profile/admin/mdquery

http://shibboleth.net/ns/profiles/mdquery

Metrics

 

/profile/admin/metrics

http://shibboleth.net/ns/profiles/metrics

Storage

jsonapi.org

/profile/admin/storage

http://shibboleth.net/ns/profiles/storage

The Profile ID string can always be found in the ProfileRequestContext as the profileId and can be used to drive conditions

<bean parent="shibboleth.Conditions.Expression" c:expression="#profileContext.getProfileId().equals('http://shibboleth.net/ns/profiles/mdquery')"/>