diff options
| author | Norihito Nakae | 2017-11-29 20:26:28 +0900 |
|---|---|---|
| committer | Norihito Nakae | 2017-11-29 20:26:28 +0900 |
| commit | 410268da741d61c9f010514a6e7dd59542a051d8 (patch) | |
| tree | b82705af74fe36376665bf3af2e4ace65e43998a /README.md | |
| parent | a22be81febd6f0bad118e8722e62c841836af807 (diff) | |
added environment variables for SAML
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -174,6 +174,15 @@ There are some configs you need to change in the files below | HMD_LDAP_PROVIDERNAME | `My institution` | Optional name to be displayed at login form indicating the LDAP provider | | HMD_SAML_IDPSSOURL | `https://idp.example.com/sso` | authentication endpoint of IdP | | HMD_SAML_IDPCERT | `/path/to/cert.pem` | certificate file path of IdP in PEM format | +| HMD_SAML_ISSUER | no example | identity of the service provider (optional, default: serverurl)" | +| HMD_SAML_IDENTIFIERFORMAT | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) | +| HMD_SAML_GROUPATTRIBUTE | `memberOf` | attribute name for group list (optional) | +| HMD_SAML_REQUIREDGROUPS | `Hackmd-users` | group names that allowed (use vertical bar to separate) (optional) | +| HMD_SAML_EXTERNALGROUPS | `Temporary-staff` | group names that not allowed (use vertical bar to separate) (optional) | +| HMD_SAML_ATTRIBUTE_ID | `sAMAccountName` | attribute map for `id` (optional, default: NameID of SAML response) | +| HMD_SAML_ATTRIBUTE_USERNAME | `mailNickname` | attribute map for `username` (optional, default: NameID of SAML response) | +| HMD_SAML_ATTRIBUTE_DISPLAYNAME | `displayName` | attribute map for `displayname` (optional, default: NameID of SAML response) | +| HMD_SAML_ATTRIBUTE_EMAIL | `mail` | attribute map for `email` (optional, default: NameID of SAML response if `HMD_SAML_IDENTIFIERFORMAT` is default) | | HMD_IMGUR_CLIENTID | no example | Imgur API client id | | HMD_EMAIL | `true` or `false` | set to allow email signin | | HMD_ALLOW_PDF_EXPORT | `true` or `false` | Enable or disable PDF exports | @@ -251,6 +260,7 @@ There are some configs you need to change in the files below | mattermost | `/auth/mattermost/callback` | | dropbox | `/auth/dropbox/callback` | | google | `/auth/google/callback` | +| saml | `/auth/saml/callback` | # Developer Notes |