IdP Session ID question

Mak, Steve makst at
Fri May 8 17:14:00 UTC 2020

Hi all,

I have a request from our security dept to include IdP Session ID in the audit logs and I had some concerns before doing that.

1. How sensitive is the idp session id value?
2. Has anyone written a script to perform a one-way hash on the value for logging purposes?
3. Does the idp session id sensitivity change if we have idp.session.consistentAddress = false ?

Thank you in advance,

Steven Mak | Application Developer
University of Pennsylvania - ISC IAM
3401 Walnut St, Philadelphia PA 19104
T: 215-573-7214

More information about the users mailing list