Hi Chris,
Davide Vaghetti put together some notes that give a big-picture view, and
probably something more, of this kind of deployment, here:
https://github.com/daserzw/satosa-oidc-to-saml
Hope this helps
On Wed, 6 Jan 2021 at 15:32, <chris.mailing at gmx.net> wrote:
Hello,
I'm currently trying to set up SATOSA as a proxy with a SAML2 backend and
an OIDC frontend as I have a few apps that only support OIDC connect, but
not SAML.
Following the doc
https://github.com/IdentityPython/SATOSA/blob/master/doc/saml2-to-oidc.md
I created the necessary config files, but I can't make much sense out of
the configuration parameters as
https://github.com/IdentityPython/SATOSA/blob/master/doc/README.md#proxy_co…
only describes a few of them and only on a very high level.
Most importantly:
- are <base_url> and <name> actual (auto-populated?) variables or do I
have to replace them? base_url may be obvious (BASE from proxy_conf.yaml?)
but what is "name"?
- am I really supposed to generate the metadata manually using
https://github.com/IdentityPython/SATOSA/blob/master/doc/README.md#saml_met…
or is that achieved automatically by "entityid_endpoint: true" already? If
not, where does the resulting file need to be put and referenced?
- with "entityid_endpoint: true" and "entityid:
'<base_url>/<name>/metadata'" configured shouldn't I be able to download
the SP metadata from this very URL? This doesn't seem to work for me (but
may be related to Q1) as I'm only getting "The Service or Identity Provider
you requested could not be found." (with various variations of name being
"app" or "sp")
- which backend endpoints are actually needed for a simple saml2-to-oidc
use case?
Reading through the mailing list I have only seen some known issues when
connecting to Shibboleth as IdP. Are there also known issues or recommended
configuration parameters when connecting to a SimpleSAMLphp IdP?
Thanks for any pointers!
Chris
_______________________________________________
satosa-users mailing list
satosa-users at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-users
--
____________________
Giuseppe De Marco
Centro ICT d'Ateneo
Università della Calabria
87036 Rende (CS) - Italy
Phone: +39 0984 496961
e-mail: giuseppe.demarco at unical.it