Skip to content

OpenCTI Documentation

Home
Deployment & Setup
Deployment & Setup
- Platform
  Platform
  - Overview
  - Installation
  - Configuration
  - Authentication
  - Upgrade
  - Breaking changes
    Breaking changes
    
    Index
    
    Migration guides
    Migration guides
    
    Removing bi-directional stream connectors
    
    Promote to Indicator
    
    SAML authentication SAML authentication
    Table of contents
    
    Description of changes
    
    Migrate guide
    
    New filter API
- Ecosystem
  Ecosystem
- Advanced
  Advanced
User Guide
User Guide
- Getting started
- Foundations
  Foundations
- Explore knowledge
  Explore knowledge
  - Overview
  - Search for knowledge
  - Explore by entity types
    Explore by entity types
    
    Analysis
    
    Cases
    
    Events
    
    Observations
    
    Threats
    
    Arsenal
    
    Techniques
    
    Entities
    
    Locations
  - Pivot and investigate
- Create knowledge
  Create knowledge
- Enrich knowledge
  Enrich knowledge
- Act on knowledge
  Act on knowledge
  - Case management
  - Notifications and alerting
  - Background tasks
  - Dashboards
    Dashboards
    
    Custom dashboards
    
    Share custom dashboards
    
    Widget creation
    
    Tips for widget creation
  - Workflows and assignation
  - Indicators lifecycle
  - Automation
- Delete and restore knowledge
- Sharing and exports
  Sharing and exports
  - Native feeds
  - Manual export
Administration
Administration
- Introduction
- Enterprise edition
- Data management
  Data management
- Platform settings
  Platform settings
  - Parameters
  - Security
    Security
    
    Policies
    
    Users and RBAC
    Users and RBAC
    
    Users and RBAC
    
    Protect sensitive configuration
    
    Data segregation
    Data segregation
    
    Marking restriction
    
    Organization segregation
  - Customization
    Customization
    
    Entity types
    
    Rules engine
    
    Notifiers
    Notifiers
    
    Custom notifiers
    
    Notifier samples
    
    Retention policies
    
    Decay rules
  - Taxonomies
  - Activity
    Activity
    
    Overview
    
    Events
    
    Configuration
    
    Activity triggers
  - File indexing
  - Support package
Reference
Reference
- Data
  Data
- APIs and feeds
  APIs and feeds
  - GraphQL API
  - Filters
    Filters
    
    Filters knowledge
  - Data Streaming
- Deployment and stack
  Deployment and stack
  - Usage telemetry
  - FIPS 140-2 installation
Development
Development
- Prerequisites
  Prerequisites
  - Ubuntu
  - Windows
- Platform
- Python library
- Connectors
- Playground

Change to SAML authentication default parameters

Changed in: OpenCTI 6.2

Description of changes

Upgrading passport-saml library introduced a breaking change with respect to the default SAML parameters regarding signing responses and assertions.

When want_assertions_signed and want_authn_response_signed SAML parameter are not present in OpenCTI configuration, the default is now set to true by passport-saml library when previously it was false by default.

Migrate guide

If you have issues after upgrade, you can try with both parameters set to false.