...
The scope of testing has increased now that we are supporting refresh token rotation for SAML. This support was added in the Poppy release. Instead however front end support will not reach FOLIO until Q. This means that in Q, instead of testing only the two bindings (REDIRECT and POST) we need to test the two bindings for both RTR enabled mod-login-saml and non-RTR enabled mod-login-saml. Currently the default for mod-login-saml is for RTR support. In order to configure non-RTR support (also referred to as legacy token support) a configuration needs to be added to mod-login-saml for a given tenant via mod-login-saml's configuration endpoint as documented in the RAML here.
The four testing scenarios are documented in the following table.
...
Note, when
| Jira Legacy | ||||||
|---|---|---|---|---|---|---|
|
...