SAMLAuthenticatorUpdateSpec

SAMLAuthenticatorUpdateSpec
SAMLAuthenticatorUpdateSpec

SAML Authenticator object to be updated.

JSON Example
{
    "administrator_url": "https://vidm.example.com/saas/api/1.0/GET/admindata",
    "certificate": "-----BEGIN CERTIFICATE-----\nMIID8DCCAtigAwIBAgIFFVeQUwEwDQY...-----END CERTIFICATE-----\n",
    "certificate_type": "PEM",
    "description": "Dynamic Saml Authenticator",
    "label": "vidm.example.com",
    "metadata_url": "https://vidm.example.com/saas/api/1.0/GET/metadata/idp.xml",
    "password_mode": "REMOVE",
    "static_metadata": "<md:EntityDescriptor xmlns:..</md:EntityDescriptor>",
    "trigger_mode": "DISABLED"
}
string
administrator_url
Optional

The administrator URL for this SAML authenticator. This must specify a protocol (scheme) of http or https.

string
certificate
Optional

SAML Authenticator certificate.

string
certificate_type
Optional

Type of Certificate.

  • PEM: PEM encoded certificate type
  • UNKNOWN: Unknown certificate type
Possible values are : PEM, UNKNOWN,
string
description
Optional

The description of this SAML authenticator.

string
label
Required

The label for this SAML authenticator. It must be unique among all other SAML authenticators.

string
metadata_url
Optional

The metadata URL that this SAML authenticator uses to fetch metadata. This must specify a protocol (scheme) of https. It must be unique among all other SAML authenticators. This is required if authenticator_type is set to DYNAMIC.

string
password_mode
Optional

Indicates how password present in SAML assertion is handled if True SSO is triggered. This is required if the trigger_mode is set to ENABLE_ALWAYS or REQUIRE_ALWAYS.

  • REMOVE: Remove any passwords.
  • PASSTHRU: Pass through any passwords.
  • ERROR: Error if there is a password.
Possible values are : REMOVE, PASSTHRU, ERROR,
string
static_metadata
Optional

The static metadata of a SAML authenticator which contains an entity id, signing keys, and encryption keys for processing SAML authentication. This property is required if authenticator_type is set to STATIC.

string
trigger_mode
Required

Indicates how True SSO is triggered on sessions using this authenticator.

  • DISABLED: Do not use True SSO.
  • ENABLE_IF_NO_PASSWORD: If no password is supplied, use a valid (domain matching) connector if it exists.
  • REQUIRE_IF_NO_PASSWORD: If no password is supplied, use and require a valid (domain matching) connector.
  • ENABLE_ALWAYS: Regardless of a password, use a valid (domain matching) connector if it exists.
  • REQUIRE_ALWAYS: Regardless of a password, use and require a valid (domain matching) connector.
Possible values are : DISABLED, ENABLE_IF_NO_PASSWORD, REQUIRE_IF_NO_PASSWORD, ENABLE_ALWAYS, REQUIRE_ALWAYS,