SingleStore DB

Minimum Configurations

Two minimum memsql.cnf configurations are possible with SAML authentication, and each depends on how the incoming SAML assertion specifies the username credential.

NameID Configuration

If the incoming SAML assertion identifies a username with the <saml:NameID> element, you can set the saml_use_NameID variable to ON. The following configuration assumes that neither an x509 certificate, signature, audience restriction, recipient, nor any encryption exists in the assertion.

[server]
...
saml_use_NameID = ON
...
Attribute Name Configuration

If the incoming SAML assertion identifies a username with a <saml:Attribute Name=""> element, you can set the saml_user_name_attribute variable to its value. The following configuration assumes that neither an x509 certificate, signature, audience restriction, recipient, nor any encryption exists in the assertion.

Minimum configuration for Attribute Name element.

[server]
...
saml_user_name_attribute = <my-username-identifier>
...