Turbot Guardrails Enterprise (TE) v5.42.11 - SAML Security Enhancements

Jan 02, 2024

What's new?

  • Server

    • Updated: The directory API to support Require Signed Assertion Response.
  • UI:

    • Added: Introduced UI options for Require Signed Assertion Response for enhanced security in SAML authentication.


  • TEF: 1.51.0
  • TED: 1.9.1

Base images

Alpine: 3.17.5 Ubuntu: 22.04.3

Enhanced Security and Compatibility Guide for SAML Authentication

Description: The recent update to @node-saml/passport-saml mandates the signing of the assertion response. To ensure backward compatibility, we have introduced a new configuration option in the UI:

  • Require Signed Assertion Response

By default, this option is set to Disabled to maintain compatibility with existing setups.

Recommendations: We recommend enabling this option as it adds an additional layer of security. However, please be aware that enabling this setting might impact the SAML login functionality.