{
    "clientId": "FortiVPN-SSL",
    "name": "FortiVPN-SSL - SAML Endpoint",
    "description": "2FA für VPN Logins",
    "adminUrl": "https://<Fortigate-FQDN>:<VPN-Port>/remote/saml/login",
    "baseUrl": "https://<Fortigate-FQDN>:<VPN-Port>/",
    "surrogateAuthRequired": false,
    "enabled": true,
    "alwaysDisplayInConsole": false,
    "clientAuthenticatorType": "client-secret",
    "redirectUris": [
        "https://<Fortigate-FQDN>:<VPN-Port>/*"
    ],
    "webOrigins": [],
    "notBefore": 0,
    "bearerOnly": false,
    "consentRequired": false,
    "standardFlowEnabled": true,
    "implicitFlowEnabled": false,
    "directAccessGrantsEnabled": false,
    "serviceAccountsEnabled": false,
    "publicClient": false,
    "frontchannelLogout": true,
    "protocol": "saml",
    "attributes": {
        "saml.force.post.binding": "true",
        "saml.multivalued.roles": "false",
        "oauth2.device.authorization.grant.enabled": "false",
        "backchannel.logout.revoke.offline.tokens": "false",
        "saml.server.signature.keyinfo.ext": "false",
        "use.refresh.tokens": "true",
        "saml.signing.certificate": "",
        "oidc.ciba.grant.enabled": "false",
        "backchannel.logout.session.required": "false",
        "client_credentials.use_refresh_token": "false",
        "saml.signature.algorithm": "RSA_SHA256",
        "require.pushed.authorization.requests": "false",
        "saml.client.signature": "true",
        "saml.signing.private.key": "",
        "saml.server.signature.keyinfo.xmlSigKeyInfoKeyNameTransformer": "KEY_ID",
        "id.token.as.detached.signature": "false",
        "saml.assertion.signature": "false",
        "saml.encrypt": "false",
        "saml.server.signature": "true",
        "exclude.session.state.from.auth.response": "false",
        "saml.artifact.binding.identifier": "rS7OdT8p+OEnIYCZRDR+FCfTfMo=",
        "saml.artifact.binding": "false",
        "saml_force_name_id_format": "true",
        "tls.client.certificate.bound.access.tokens": "false",
        "saml.authnstatement": "true",
        "display.on.consent.screen": "false",
        "saml_name_id_format": "username",
        "saml.onetimeuse.condition": "false",
        "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#"
    },
    "authenticationFlowBindingOverrides": {
        "browser": ""
    },
    "fullScopeAllowed": true,
    "nodeReRegistrationTimeout": -1,
    "protocolMappers": [
        {
            "name": "username",
            "protocol": "saml",
            "protocolMapper": "saml-user-property-mapper",
            "consentRequired": false,
            "config": {
                "user.attribute": "username",
                "friendly.name": "username",
                "attribute.name": "username"
            }
        },
        {
            "name": "role list",
            "protocol": "saml",
            "protocolMapper": "saml-role-list-mapper",
            "consentRequired": false,
            "config": {
                "single": "true",
                "attribute.nameformat": "Basic",
                "attribute.name": "Role"
            }
        }
    ],
    "defaultClientScopes": [
        "role_list"
    ],
    "optionalClientScopes": [],
    "access": {
        "view": true,
        "configure": true,
        "manage": true
    }
}