SAML IDP URLs
The following table provides an overview of all relevant URLs when using Airlock IAM as SAML identity provider (IDP).
The SAML IDP endpoint URLs are new for IAM 7.6.
Old SAML endpoint URLs (< IAM 7.6) are still supported such that existing remote SPs do not have to be reconfigured for the Loginapp UI.
SAML IDP URLs
Note that the URLs depend on the SAML configuration, especially the configured metaAlias (which is iamIdP in the templates provided in this documentation).
All URLs are specified relative to the Airlock IAM context path (e.g. https://iam.host.com/auth/).
URL scheme | Meaning | Examples |
|---|---|---|
| SSO endpoint for redirect binding. |
|
| SSO endpoint for POST binding. |
|
| Artifact resolution endpoint. |
|
| SLO endpoint for POST- and redirect binding. |
|
| SAML error page in the Loginapp UI. |
|
Make sure to use an up-to-date Airlock Gateway mapping template file (IAM 7.6 or newer) and activate the SAML allow rule.
Legacy URLs
The documented Legacy URLs are still supported by Loginapp UI and correspond to the URLs used in Airlock IAM versions 7.5 and older.
Use them if there are existing SPs that rely on the URLs and you do not want to change the SP configuration.
URL scheme | Meaning | Examples |
|---|---|---|
| SSO endpoint for redirect binding. |
|
| SSO endpoint for POST binding. |
|
| Artifact resolution endpoint. |
|
| SLO endpoint for POST- and redirect binding. |
|
| SAML error page in the Loginapp UI. |
|