summary refs log tree commit diff
path: root/docs
diff options
context:
space:
mode:
authorRichard van der Hoff <richard@matrix.org>2019-06-26 23:56:28 +0100
committerRichard van der Hoff <richard@matrix.org>2019-06-26 23:56:28 +0100
commita0acfcc73eba167fa0cdbcb76d868340ce147aa4 (patch)
tree793d4cf3177ab0c40f4525c68539e768b7d36676 /docs
parentAdd support for tracking SAML2 sessions. (diff)
downloadsynapse-a0acfcc73eba167fa0cdbcb76d868340ce147aa4.tar.xz
update sample config
Diffstat (limited to '')
-rw-r--r--docs/sample_config.yaml13
1 files changed, 13 insertions, 0 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
index da10788e96..8d52d17792 100644
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@@ -997,6 +997,13 @@ signing_key_path: "CONFDIR/SERVERNAME.signing.key"
 #      remote:
 #        - url: https://our_idp/metadata.xml
 #
+#    # By default, the user has to go to our login page first. If you'd like to
+#    # allow IdP-initiated login, set 'allow_unsolicited: True' in an 'sp'
+#    # section:
+#    #
+#    #sp:
+#    #  allow_unsolicited: True
+#    #
 #    # The rest of sp_config is just used to generate our metadata xml, and you
 #    # may well not need it, depending on your setup. Alternatively you
 #    # may need a whole lot more detail - see the pysaml2 docs!
@@ -1020,6 +1027,12 @@ signing_key_path: "CONFDIR/SERVERNAME.signing.key"
 #  # separate pysaml2 configuration file:
 #  #
 #  config_path: "CONFDIR/sp_conf.py"
+#
+#  # the lifetime of a SAML session. This defines how long a user has to
+#  # complete the authentication process, if allow_unsolicited is unset.
+#  # The default is 5 minutes.
+#  #
+#  # saml_session_lifetime: 5m