Skip to main content
Skip table of contents

SAML Verification

The SAML Verification policy verifies the incoming messages carrying an SAML token and also denies permission if the conditions set in the SAML Verification Policy configuration do not match. Various variables can be set which are explained in the sections below.

Configuration

The properties that have to be configured to use the policy are described below.

PropertyDescription
Source

The target of the policy. Valid values are

  • Body
  • Query
  • Header
Assertion Element Path

An XPath element that indicates the element on the inbound XML document from which the policy can extract the SAML assertion.

Namespaces 
Remove SAML Assertion

Enable this to remove the SAML assertion from the request message before the message is forwarded to the backend service.

Ignore if SAML Not Present

Enable this to treat messages as XML, irrespective of the Content-type.

By default, the assertion will not be generated if the content type of the message is not an XML Content-Type

VerifyEnable this is KeyStore configuration is required.

Key Store Configuration

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.