Skip to main content

Securing MarkLogic Server

The SAML Server Fields

[v11.2.0 and up] The SAML Server fields appear when either Authentication or Authorization is saml.

Field	Description
SAML Entity ID	Entity ID of the Identity Provider (IDP). Typically in URL form.
SAML Destination	The URL that identifies the Identity Provider to accept the authentication request.
SAML Issuer	Entity ID of the Service Provider (SP), your MarkLogic Server instance. Typically in URL form.
SAML Assertion Host	The URL that identifies the host making the assertion
SAML IDP Certificate Authority	The certificate used to validate the signature in the authentication request.
SAML SP Certificate	(Required when you use `https` for SAML Destination) The certificate used to sign the authentication request.
SAML SP Private Key	(Required when you use `https` for SAML Destination) The private key used to sign the authentication request.
SAML Attribute Names	One or more SAML attribute names. These names will be requested as part of the attribute query and mapped as appropriate to internal MarkLogic Server roles.
SAML Authn Signature	The signature algorithm used to generate the SAML authentication signature.
SAML Privilege Attribute Name	(Optional when Authorization is `saml`) SAML privilege attribute name. If specified, the name will also be requested as part of the attribute query and mapped to MarkLogic Server privileges.

In this section: