Identity Provider Plugins



All of the plugins documented here require V4.1 and above and will not work in older versions.

The Shibboleth IdP software, as of V4.1 and above, supports the concept of Plugins, add-on packages that add functionality and optionally expose Modules with individual features that can be enabled or disabled. Most new software features will be packaged as plugins to the core software to reduce the frequency of upgrades solely to deliver new features and to minimize the impact of security vulnerabilities.

The following table provides a summary of known plugins available (both first- and third-party) along with links to the appropriate documentation and any security advisories published.

Name

Description

Advisories

Name

Description

Advisories

OIDC OP

OIDC OP support (requires install of OIDCCommon)

 

Duo Universal Prompt

Duo UniversalPrompt OIDC-based login support (requires install of OIDCCommon)

 

TOTP

Generic TOTP OATH token login support

 

Nashorn

Implementation of the Nashorn ECMAscript language (provided for JDK versions >=15)

 

Rhino

Implementation of the Rhino ECMAscript language common prior to Java 8

 

OIDCCommon

Implementation of reusable Java components related to OpenID Connect protocol processing. 

 

Metadatagen

(BETA) A command-line tool to generate metadata based on shallow introspection of the IdP configuration properties