You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/Saml2/README.md
+11Lines changed: 11 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -182,6 +182,17 @@ To publish the SingleLogoutService in your service provider metadata, you also h
182
182
],
183
183
```
184
184
185
+
When the Identity Provider is configured through `metadata`, its SingleLogoutService location is read from that metadata automatically. When configuring the Identity Provider manually (using `acs`), there is no metadata to read it from, so provide the IdP's Single Logout URL with the `slo` key:
186
+
```php
187
+
'saml2' => [
188
+
'acs' => 'https://idp.co/auth/sso', // the IDP's Single Sign-On URL
189
+
'slo' => 'https://idp.co/auth/slo', // the IDP's Single Logout URL
Without `slo`, `logoutResponse()` cannot resolve the IdP logout endpoint for a manually configured Identity Provider.
195
+
185
196
### Signing and encryption
186
197
187
198
SAML2 supports the signing and encryption of messages and assertions. Many Identity Providers make one or both mandatory. To enable this feature, you can generate a certificate for your application and provide it in `config/services.php` as:
0 commit comments