Get parameters Provider

Presentation

For application not managing other provider protocols (CAS, OpenID Connect, SAML,...) it is possible to configure LL::NG as a provider of GET parameters:

Passing such sensitive information can be dangerous. Using other well-known secured protocols are advised.

There is also the possibility to trigger a logout action by passing the return url , such as http://auth.example.com/get/logout?url=base64(return_url)

Configuration

In the Manager, go in General Parameters » Issuer modules » GET and configure:

For example, to allow only users with a strong authentication level:
$authenticationLevel > 2
Rewrite rules must have been activated in Apache portal configuration or in Nginx portal configuration.

Then go in Get parameters to define variables to transmit:

For example:

"test1.example.com" => {
    "id" => "_session_id",
}
In the previous example, _session_id is quite sensitive, thus it is encouraged that the application revalidate _session_id using getCookie() SOAP call to avoid some security problems
If host is not already registered in virtual hosts, you need to declare it in trusted domains to allow redirection