diff --git a/config/saml2-backend.yaml b/config/saml2-backend.yaml
index 49767bff0fd00d59fed3bab0a4636a409437fd47..e73eeca003fdd4f0e41346aea16eeee05a87f81c 100644
--- a/config/saml2-backend.yaml
+++ b/config/saml2-backend.yaml
@@ -46,10 +46,10 @@ config:
url: "https://www.tuwien.at/"
contact_person:
- contact_type: "technical"
- email_address: "tudata@tuwien.ac.at"
+ email_address: "mailto:tudata@tuwien.ac.at"
given_name: "Technical Support"
- contact_type: "other"
- email_address: "tudata@tuwien.ac.at"
+ email_address: "mailto:tudata@tuwien.ac.at"
given_name: "Security Contact"
# we don't go around collecting the SAML metadata from every IDP individually, but rather get them
@@ -84,12 +84,18 @@ config:
sp:
ui_info:
display_name:
+ - lang: "de"
+ text: "TU Wien Research Data"
- lang: "en"
text: "TU Wien Research Data"
description:
+ - lang: "de"
+ text: "Das institutionelle Forschungsdaten-Repository der TU Wien"
- lang: "en"
text: "The institutional research data repository of TU Wien"
information_url:
+ - lang: "de"
+ text: "https://researchdata.tuwien.ac.at/"
- lang: "en"
text: "https://researchdata.tuwien.ac.at/"
privacy_statement_url:
@@ -125,7 +131,9 @@ config:
requested_attributes:
# "subject-id" (urn:oasis:names:tc:SAML:attribute:subject-id) and
# "pairwise-id" (urn:oasis:names:tc:SAML:attribute:pairwise-id) are
- # special in how they're requested
+ # special in how they're requested - they are newer than the SAML data model
+ # and their logic (only *one of them* is required) cannot be represented with
+ # simple boolean flags for "required"/"optional" - as such, they're left out here
#
# fallback for them: "ePPN"
# https://help.switch.ch/aai/support/documents/attributes/edupersonprincipalname/
@@ -157,10 +165,10 @@ config:
required_attributes:
- "mail"
+ - "displayName"
- "givenName"
- "sn"
optional_attributes:
- "eduPersonPrincipalName"
- "eduPersonScopedAffiliation"
- - "displayName"