...
Specifies that an attribute in the assertion is a possible location of the email/username. The required name attribute specifies the name of the attribute in the assertion.
Defaults to:
<name-id />
<attribute name="urn:oid:0.9.2342.19200300.100.1.3" />
<attribute name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
<attribute name="email" />
<attribute name="mail" />
assertion-sso-id-probes
A list of locations in a SAML assertion returned by the identity provider to look for the SSO ID of a CollectionSpace user (the persistent ID of the user in the identity provider). A location is either an attribute in the assertion or the NameID of the assertion. Each location is probed in the order given. Once a non-null value is found, probing stops.
...
Specifies that an attribute in the assertion is a possible location of the SSO ID. The required name attribute specifies the name of the attribute in the assertion.
Defaults to:
<name-id />
signing-x509-credentials
A list of credentials to use for signing SAML requests issued by CollectionSpace. Typically, you will only specify a single credential (private key and certificate pair). A credential is required if the identity provider requires login requests to be signed (as reported in its metadata), or if single logout is enabled. Otherwise, signing credentials are optional.
...