# SwaggerAemClient::SamlConfigurationProperties

## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**path** | [**Array<SamlConfigurationPropertyItemsArray>**](SamlConfigurationPropertyItemsArray.md) | Repository path for which this authentication handler should be used by Sling. If this is empty, the authentication handler will be disabled. | [optional] 
**service_ranking** | [**Array<SamlConfigurationPropertyItemsLong>**](SamlConfigurationPropertyItemsLong.md) | OSGi Framework Service Ranking value to indicate the order in which to call this service. This is an int value where higher values designate higher precedence. Default value is 0. | [optional] 
**idp_url** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | URL of the IDP where the SAML Authentication Request should be sent to. If this property is empty the authentication handler is disabled. (idpUrl) | [optional] 
**idp_cert_alias** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The alias of the IdP's certificate in the global truststore. If this property is empty the authentication handler is disabled. | [optional] 
**idp_http_redirect** | [**Array<SamlConfigurationPropertyItemsBoolean>**](SamlConfigurationPropertyItemsBoolean.md) | Use an HTTP Redirect to the IDP URL instead of sending an AuthnRequest-message to request credentials. Use this for IDP initiated authentication. | [optional] 
**service_provider_entity_id** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | ID which uniquely identifies this service provider with the identity provider. If this property is empty the authentication handler is disabled. | [optional] 
**assertion_consumer_service_url** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The (optional) AssertionConsumerServiceURL attribute of an Authn request specifies the location to which a <Response> message MUST be sent to the requester. | [optional] 
**sp_private_key_alias** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The alias of the SP's private key in the key-store of the 'authentication-service' system user. If this property is empty the handler will not be able to sign or decrypt messages. | [optional] 
**key_store_password** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The password of the key-store of the 'authentication-service' system user. | [optional] 
**default_redirect_url** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The default location to redirect to after successful authentication. | [optional] 
**user_id_attribute** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The name of the attribute containing the user ID used to authenticate and create the user in the CRX repository. Leave empty to use the Subject:NameId. | [optional] 
**use_encryption** | [**Array<SamlConfigurationPropertyItemsBoolean>**](SamlConfigurationPropertyItemsBoolean.md) | Whether or not this authentication handler expects encrypted SAML assertions. If this is enabled the SP's private key must be provided in the key-store of the 'authentication-service' system user (see SP Private Key Alias above). | [optional] 
**create_user** | [**Array<SamlConfigurationPropertyItemsBoolean>**](SamlConfigurationPropertyItemsBoolean.md) | Whether or not to autocreate nonexisting users in the repository. | [optional] 
**add_group_memberships** | [**Array<SamlConfigurationPropertyItemsBoolean>**](SamlConfigurationPropertyItemsBoolean.md) | Whether or not a user should be automatically added to CRX groups after successful authentication. | [optional] 
**group_membership_attribute** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The name of the attribute containing a list of CRX groups this user should be added to. | [optional] 
**default_groups** | [**Array<SamlConfigurationPropertyItemsArray>**](SamlConfigurationPropertyItemsArray.md) | A list of default CRX groups users are added to after successful authentication. | [optional] 
**name_id_format** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The value of the NameIDPolicy format parameter to send in the AuthnRequest message. | [optional] 
**synchronize_attributes** | [**Array<SamlConfigurationPropertyItemsArray>**](SamlConfigurationPropertyItemsArray.md) | A list of attribute mappings (in the format \\attributename=path/relative/to/user/node\\) which should be stored in the repository on user-synchronization. | [optional] 
**handle_logout** | [**Array<SamlConfigurationPropertyItemsBoolean>**](SamlConfigurationPropertyItemsBoolean.md) | Whether or not logout (dropCredentials) requests will be processed by this handler. | [optional] 
**logout_url** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | URL of the IDP where the SAML Logout Request should be sent to. If this property is empty the authentication handler won't handle logouts. | [optional] 
**clock_tolerance** | [**Array<SamlConfigurationPropertyItemsLong>**](SamlConfigurationPropertyItemsLong.md) | Time tolerance in seconds to compensate clock skew between IDP and SP when validating Assertions. | [optional] 
**digest_method** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The digest algorithm to use when signing a SAML message. | [optional] 
**signature_method** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | The signature algorithm to use when signing a SAML message. | [optional] 
**user_intermediate_path** | [**Array<SamlConfigurationPropertyItemsString>**](SamlConfigurationPropertyItemsString.md) | User intermediate path to store created users. | [optional]