An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, RADIUS, Google Workspace, Active Directory and Kerberos
Is your feature request related to a problem? Please describe.
Some applications require both the assertion and message to be signed. Currently, Casdoor will sign the message only which does not meet the application requirements. As an aside, it may be a good idea to add signing for other parts of the response like the metadata as well if desired. Note that other providers such as Authentik have the same limitation.
Describe the solution you'd like
An option for each application that will sign both the message and assertion in the SAML response.
Is your feature request related to a problem? Please describe.
Some applications require both the assertion and message to be signed. Currently, Casdoor will sign the message only which does not meet the application requirements. As an aside, it may be a good idea to add signing for other parts of the response like the metadata as well if desired. Note that other providers such as Authentik have the same limitation.
Describe the solution you'd like
An option for each application that will sign both the message and assertion in the SAML response.