Closed brendanheywood closed 10 months ago
Tried 3 different scenarios as discussed
a) Update authsources to convert NameIdPolicy to an array
This made no difference to the logout request - SPNameQualifier was still getting passed and couldn't log out of Moodle.
b) Change nameid to transient
This caused the following error when trying to login from Moodle
c) Set "Expose NameID as attribute" setting to No. Redirects to IdP correctly, but after successful login at IdP level, it fails to login to Moodle
However, when "Logout" is clicked above, the SPNameQualifier attribute is not sent and logout from IdP is successful
Probably no need for this PR now, as we've found a way to avoid doing this by choosing "No" for "Expose Nameid as attribute" option and passing email address as a regular field in the saml response from the IdP.
Closes #769