By: Vreixo Luis Gonzalez Caneda user 17 Jan 2023 at 4:48 a.m. CST

1 Response

Hi, Is it possible to define a default ACR for SAML integrations? In our integration with Microsoft 365 following https://gluu.org/docs/gluu-server/4.4/integration/saas/office/ we would like to choose the script to use. From Microsoft side we did not find a way to pass a ACR parameter. Now we need to rely on "Default acr" in manage authentication but this won't be possible if we have another SAML integration and it's forcing us to declare a default ACR in all open id clients even if they would be able to use a different default most of them. Thank you very much,

Gluu 4.4 Ubuntu 22.04

closed

By Mohib Zico staff 08 Feb 2023 at 6:45 a.m. CST

Copy

Hello, Yes, Possible. But SP need to _send this ACR_ request in SAML assertion. Here in this unofficial doc, Duo is appearing only when this specific SP is requesting this special `mfa` ACR. https://gist.github.com/mzico/bc45b2d0bf0c07049be3088aca7a9008

You need to Login in order to post an answer

Default ACR for SAML

By: Vreixo Luis Gonzalez Caneda user 17 Jan 2023 at 4:48 a.m. CST

Answers

By Mohib Zico staff 08 Feb 2023 at 6:45 a.m. CST

Post an answer