The Shibboleth IdP V4 software will leave support on September 1, 2024.

ProtocolsAndInterfaces



The following standardized protocol interfaces are supported:

Protocol

Binding

Endpoint

Profile ID

SAML 2.0 Browser SSO

HTTP-Redirect

/profile/SAML2/Redirect/SSO





http://shibboleth.net/ns/profiles/saml2/sso/browser



HTTP-POST

/profile/SAML2/POST/SSO



HTTP-POST-SimpleSign

/profile/SAML2/POST-SimpleSign/SSO



Shibboleth Protocol (proprietary)

/profile/SAML2/Unsolicited/SSO

SAML 2.0 Enhanced Client/Proxy

SOAP 1.1

/profile/SAML2/SOAP/ECP

http://shibboleth.net/ns/profiles/saml2/sso/ecp

SAML 2.0 Single Logout

HTTP-Redirect

/profile/SAML2/Redirect/SLO





http://shibboleth.net/ns/profiles/saml2/logout



HTTP-POST

/profile/SAML2/POST/SLO



HTTP-POST-SimpleSign

/profile/SAML2/POST-SimpleSign/SLO



SOAP 1.1

/profile/SAML2/SOAP/SLO

SAML 2.0 Attribute Query

SOAP 1.1

/profile/SAML2/SOAP/AttributeQuery

http://shibboleth.net/ns/profiles/saml2/query/attribute

SAML 2.0 Artifact Resolution

SOAP 1.1

/profile/SAML2/SOAP/ArtifactResolution

http://shibboleth.net/ns/profiles/saml2/query/artifact

SAML 1.1 Browser SSO

Shibboleth Protocol (proprietary)

/profile/Shibboleth/SSO

http://shibboleth.net/ns/profiles/saml1/sso/browser

SAML 1.1 Attribute Query

SOAP 1.1

/profile/SAML1/SOAP/AttributeQuery

http://shibboleth.net/ns/profiles/saml1/query/attribute

SAML 1.1 Artifact Resolution

SOAP 1.1

/profile/SAML1/SOAP/ArtifactResolution

http://shibboleth.net/ns/profiles/saml1/query/artifact

ID-WSF Single Sign-On Service

SOAP 1.1

/profile/IDWSF/SSOS

http://shibboleth.net/ns/profiles/liberty/ssos

CAS 2 Login



/profile/cas/login



CAS 2 Proxy Login



/profile/cas/proxy



CAS 2 Logout



/profile/cas/logout



CAS 2 Ticket Validation



/profile/cas/serviceValidate



CAS 2 Proxy Ticket Validation



/profile/cas/proxyValidate



CAS 2 SAML Validation



/profile/cas/samlValidate



The following proprietary interfaces are supported:

Logout



/profile/Logout



The following administrative interfaces are supported:

Status



/status

http://shibboleth.net/ns/profiles/status

Hello World 4.1



/profile/admin/hello

http://shibboleth.net/ns/profiles/hello

Attribute Resolver/Filter



/profile/admin/resolvertest

http://shibboleth.net/ns/profiles/resolvertest

Reload Service Configuration



/profile/admin/reload-service

http://shibboleth.net/ns/profiles/reload-service-configuration

Reload Metadata Resolver



/profile/admin/reload-metadata

http://shibboleth.net/ns/profiles/reload-metadata

Lockout



/profile/admin/lockout

http://shibboleth.net/ns/profiles/lockout-manager

Metadata Query



/profile/admin/mdquery

http://shibboleth.net/ns/profiles/mdquery

Metrics



/profile/admin/metrics

http://shibboleth.net/ns/profiles/metrics

Storage

jsonapi.org

/profile/admin/storage

http://shibboleth.net/ns/profiles/storage

Attended Restart



/profile/admin/unlock-keys

http://shibboleth.net/ns/profiles/unlock-keys



The Profile ID string can always be found in the ProfileRequestContext as the profileId and can be used to drive conditions

<bean parent="shibboleth.Conditions.Expression" c:expression="#profileContext.getProfileId().equals('http://shibboleth.net/ns/profiles/mdquery')">