Create SAML Authenticator
All the listed privileges are required -
| Privileges | Description |
|---|---|
| GLOBAL_CONFIG_MANAGEMENT | Caller should have permission to this privilege, to perform this operation. |
Request
URI
POST
https://{api_host}/rest/config/v1/saml-authenticators
COPY
Request Body
SAMLAuthenticatorCreateSpec of type(s) application/json
Required
{
"administrator_url": "https://vidm.example.com/saas/api/1.0/GET/admindata",
"authenticator_type": "DYNAMIC",
"certificate": "-----BEGIN CERTIFICATE-----\nMIID8DCCAtigAwIBAgIFFVeQUwEwDQY...-----END CERTIFICATE-----\n",
"certificate_type": "PEM",
"connection_server_ids": [
"11bd230b-87ce-3306-a943-810affe7b68a",
"aa36240c-a7f4-3a00-9e3d-e71e2df1cc1b"
],
"description": "Dynamic Saml Authenticator",
"label": "vidm.example.com",
"metadata_url": "https://vidm.example.com/saas/api/1.0/GET/metadata/idp.xml",
"password_mode": "REMOVE",
"static_metadata": "<md:EntityDescriptor xmlns:..</md:EntityDescriptor>",
"trigger_mode": "DISABLED"
}string
administrator_url
Optional
The administrator URL for this SAML authenticator. This must specify a protocol (scheme) of http or https.
string
authenticator_type
Required
The type of SAML authenticator.
- STATIC: Static SAML Authenticator, which contains SAML metadata.
- DYNAMIC: Dynamic SAML Authenticator fetches metadata dynamically using a provided URL.
Possible values are : STATIC, DYNAMIC,
string
certificate
Optional
SAML Authenticator certificate.
string
certificate_type
Optional
Type of Certificate.
- PEM: PEM encoded certificate type
- UNKNOWN: Unknown certificate type
Possible values are : PEM, UNKNOWN,
array of string
connection_server_ids
Optional
The list of Connection Servers for which this SAML authenticator is enabled.
string
description
Optional
The description of this SAML authenticator.
string
label
Required
The label for this SAML authenticator. It must be unique among all other SAML authenticators.
string
metadata_url
Optional
The metadata URL that this SAML authenticator uses to fetch metadata. This must specify a protocol (scheme) of https. It must be unique among all other SAML authenticators. This is required if authenticator_type is set to DYNAMIC.
string
password_mode
Optional
Indicates how password present in SAML assertion is handled if True SSO is triggered. This is required if the trigger_mode is set to ENABLE_ALWAYS or REQUIRE_ALWAYS.
- REMOVE: Remove any passwords.
- PASSTHRU: Pass through any passwords.
- ERROR: Error if there is a password.
Possible values are : REMOVE, PASSTHRU, ERROR,
string
static_metadata
Optional
The static metadata of a SAML authenticator which contains an entity id, signing keys, and encryption keys for processing SAML authentication. This property is required if authenticator_type is set to STATIC.
string
trigger_mode
Optional
Indicates how True SSO is triggered on sessions using this authenticator.
- DISABLED: Do not use True SSO.
- ENABLE_IF_NO_PASSWORD: If no password is supplied, use a valid (domain matching) connector if it exists.
- REQUIRE_IF_NO_PASSWORD: If no password is supplied, use and require a valid (domain matching) connector.
- ENABLE_ALWAYS: Regardless of a password, use a valid (domain matching) connector if it exists.
- REQUIRE_ALWAYS: Regardless of a password, use and require a valid (domain matching) connector.
Possible values are : DISABLED, ENABLE_IF_NO_PASSWORD, REQUIRE_IF_NO_PASSWORD, ENABLE_ALWAYS, REQUIRE_ALWAYS,
Responses
201
Created
Operation doesn't return any data structure
400
Bad Request
Operation doesn't return any data structure
401
User is not authenticated
Operation doesn't return any data structure
403
Access to the resource is forbidden
Operation doesn't return any data structure
404
Not Found
Operation doesn't return any data structure
409
Conflict
Operation doesn't return any data structure
Config Operations
POST
Add App Volumes Manager
POST
Add App Volumes Manager V2
POST
Assign Farms
POST
Clean
POST
Clear Event Database
POST
Collect
POST
Create Federation Access Group
POST
Create Gateway Access User Or Group
POST
Create GSSAPI Authenticator
POST
Create IC Domain Account
POST
Create IM Asset
POST
Create IM Assets
POST
Create IM Stream
POST
Create IM Streams
POST
Create IM Tag
POST
Create IM Tags
POST
Create IM Version
POST
Create IM Versions
POST
Create JWT Authenticator
POST
Create Local Access Group
POST
Create Message Client
POST
Create Permissions
POST
Create Permissions V2
POST
Create RADIUS Authenticator
POST
Create Role
POST
Create SAML Authenticator
POST
Create Secondary Credential
POST
Create True SSO Connector
POST
Create Unauthenticated Access User
POST
Create Virtual Center
POST
Create Virtual Center V4
POST
Create Virtual Center V5
DELETE
Delete App Volumes Manager
DELETE
Delete App Volumes Manager V2
DELETE
Delete Certificate
DELETE
Delete Federation Access Group
DELETE
Delete Gateway Access User Or Group
DELETE
Delete GSSAPI Authenticator
DELETE
Delete IC Domain Account
DELETE
Delete IM Asset
DELETE
Delete IM Stream
DELETE
Delete IM Tag
DELETE
Delete IM Version
DELETE
Delete JWT Authenticator
DELETE
Delete Local Access Group
DELETE
Delete Message Client
DELETE
Delete Permissions
DELETE
Delete Permissions V2
DELETE
Delete RADIUS Authenticator
DELETE
Delete Role
DELETE
Delete SAML Authenticator
DELETE
Delete Secondary Credential
DELETE
Delete True SSO Connector
DELETE
Delete Unauthenticated Access User
POST
Disable Connection Servers
POST
Enable Connection Servers
POST
Export Certificate
POST
Generate CSR
GET
Get Admin Users Or Groups Permissions
GET
Get AD Sites Info
GET
Get Agent Restriction Settings
GET
Get App Volumes Manager
GET
Get App Volumes Manager V2
GET
Get CEIP Info
GET
Get Client Settings
GET
Get Connection Server
GET
Get Connection Server V2
GET
Get Enrollment Server
GET
Get Environment
GET
Get Environment V2
GET
Get Event Database
GET
Get Feature Settings
GET
Get Federation Access Group
GET
Get Federation Access Group V2
GET
Get Gateway
GET
Get General Settings
GET
Get General Settings V2
GET
Get General Settings V3
GET
Get General Settings V4
GET
Get Global Policies
GET
Get GSSAPI Authenticator
GET
Get IC Domain Account
GET
Get IM Asset
GET
Get IM Stream
GET
Get IM Tag
GET
Get IM Version
GET
Get JWT Authenticator
GET
Get Local Access Group
GET
Get Local Access Group V2
GET
Get Message Client
GET
Get Permission
GET
Get Permission V2
GET
Get Preferences
GET
Get Preferences V2
GET
Get Pre Logon Settings
GET
Get RADIUS Authenticator
GET
Get Role
GET
Get SAML Authenticator
GET
Get Secondary Credentials
GET
Get Security Configuration Info
GET
Get Security Settings
GET
Get Security Settings V2
GET
Get Security Settings V3
GET
Get Security Settings V4
GET
Get Settings
GET
Get Settings V2
GET
Get Settings V3
GET
Get Settings V4
GET
Get Settings V5
POST
Get Storage Details
GET
Get Syslog
GET
Get True SSO Connector
GET
Get Unauthenticated Access User
GET
Get Users Or Group Local Summary V2
GET
Get Users Or Group Local Summary V3
GET
Get Users Or Groups Global Summary
GET
Get Virtual Center
GET
Get Virtual Center V4
GET
Get Virtual Center V5
POST
Import Certificate
GET
List App Volumes Managers
GET
List App Volumes Managers V2
GET
List Certificate Infos
GET
List Certificate Infos V2
GET
List Connection Servers
GET
List Connection Servers V2
GET
List Enrollment Servers
GET
List Federation Access Groups
GET
List Federation Access Groups V2
GET
List Gateway Access User Or Group
GET
List Gateways
GET
List GSSAPI Authenticators
GET
List IC Domain Accounts
GET
List IM Assets
GET
List IM Streams
GET
List IM Tags
GET
List IM Versions
GET
List JWT Authenticators
GET
List Licenses
GET
List Licenses V2
GET
List Local Access Groups
GET
List Local Access Groups V2
GET
List Log Collector Tasks
GET
List Message Clients
GET
List Permissions
GET
List Permissions V2
GET
List RADIUS Authenticators
GET
List RCX Servers
GET
List Roles
GET
List SAML Authenticators
GET
List Secondary Credentials
GET
List Selectable Privileges
GET
List True SSO Connectors
GET
List Unauthenticated Access Users
GET
List Users Or Groups Global Summary
GET
List Users Or Groups Local Summary
GET
List Users Or Groups Local Summary V2
GET
List Users Or Groups Local Summary V3
GET
List VC Info
GET
List VC Info V2
GET
List VC Info V3
GET
List VC Info V4
GET
List VC Info V5
POST
Mark Datastores For Archival
POST
Override Certificate
POST
Purge
POST
Push Certificates
POST
Recover Certificates
POST
Register Gateway
POST
Register RCX Client
DELETE
Remove Virtual Center
DELETE
Remove Virtual Center V5
POST
Reset Highest Usage Metrics
POST
Reset Named User Metrics
POST
Set License Key
POST
Set License Mode
POST
Unassign Farms
DELETE
Unregister Gateway
DELETE
Unregister RCX Client
PUT
Update Agent Restriction Settings
PUT
Update App Volumes Manager
PUT
Update App Volumes Manager V2
PUT
Update CEIP Info
PUT
Update Client Settings
PUT
Update Connection Server
PUT
Update Connection Server V2
PUT
Update Event Database
PUT
Update Feature Settings
PUT
Update General Settings
PUT
Update General Settings V2
PUT
Update General Settings V3
PUT
Update General Settings V4
PUT
Update Global Policies
PUT
Update GSSAPI Authenticator
PUT
Update IC Domain Account
PUT
Update IM Asset
PUT
Update IM Stream
PUT
Update IM Tag
PUT
Update IM Version
PUT
Update JWT Authenticator
PUT
Update Message Client
POST
Updatepassword
PUT
Update Preferences
PUT
Update Preferences V2
PUT
Update RADIUS Authenticator
PUT
Update RCX Client
PUT
Update Role
PUT
Update SAML Authenticator
PUT
Update Security Settings
PUT
Update Security Settings V3
PUT
Update Security Settings V4
PUT
Update Settings
PUT
Update Settings V2
PUT
Update Settings V3
PUT
Update Settings V4
PUT
Update Settings V5
PUT
Update Syslog
PUT
Update True SSO Connector
PUT
Update Virtual Center
PUT
Update Virtual Center V4
PUT
Update Virtual Center V5
POST
Validate AVM Certificate
POST
Validate SAML Certificate
POST
Validate Virtual Center Certificate