Skip to main content
Skip table of contents


Starting with version 3.5.2, SPNEGO authentications now create the identity in Veridium (if not previously registered). This will improve the audit of SPNEGO sessions, mitigate some backend errors and will allow a smoother rollout for Veridium users. No authenticators or credentials are visible in Veridium Manager and Self Service Portal for users created only with this method of authentication.
Note: For the mechanism described above to work, the option Create Profile When Authenticated Externally needs to be enabled in Veridium Manager / Settings / General section.


Basic Description

Default Value

Enable SPNEGO Authentication

Enable SPNEGO-based Kerberos authentication, complying with RFC 4559, 'SPNEGO-based Kerberos and NTLM HTTP Authentication'

Switched on

Kerberos KeyTab List

Contains Service Principal and Kerberos KeyTab file uploader.

Actions available on this page:

  • Live reload - when enabled, the Shiboleth services will be restarted if any change in the configuration will occur

  • Check IDP health - used to verify the health of the IDP

  • Download IDP Metadata - used to download the Veridium SAML Metadata into a file

  • Copy IDP Metadata URL - used to copy to clipboard the Veridium SAML Metadata url

  • Copy IDP URL for Netscaler - used to copy to clipboard the Veridium SAML Metadata Netscaler URL

  • Download IDP Signing Certificate - used to download the IDP Signing Certificate

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.