Configuring SAML User Authentication

For the SAML IDP Service to issue assertions, it needs to authenticate users. This is configured through the authentication-service configuration option. See the configuration guide for details.

To allow for some clock skew between the OAuth profile and the Authentication Service, a configurable clock-skew can be used.