Manage SAML Configuration

Security Assertion Markup Language (SAML) is an XML-based open-standard that defines a framework for exchanging security information between online business partners, for example, transferring identity data between an identity provider (IdP) and a service provider (SP).

View SAML Settings

This API returns the SAML settings required in the SAML SSO configuration with a service provider.

GET	{{url}}/api/saml/settings/

Request Example

An example GET request for view SAML settings is shown here.

curl --location --request GET '{{url}}/api/saml/settings' \
--header 'Authorization: TOKEN {{apiToken}}'

Response Example

An example response on GET request for view SAML settings is shown here.

Status: 200 OK

[
    {
        "id": 3,
        "issuer": "https://test.britive-app.com",
        "x509CertExpirationDate": "2022-01-01T00:00:00Z",
        "signInUrl": "https://test.britive-app.com/api/auth/saml",
        "signOutUrl": "https://test.britive-app.com/logout"
    }
]

Note

The certificate expiration format is "CertExpirationDate":"YYYY-MM-DDT00:00:00Z"

Download SAML Metadata

This API downloads the SAML metadata required in the SAML SSO configuration with a service provider. This operation is supported only in AWS and Oracle Cloud.

GET	{{url}}/api/saml/metadata/{{id}}

Request Example

An example GET request for downloading SAML metadata is shown here.

curl --location --request GET '{{url}}/api/saml/metadata/{{id}}' \
--header 'Authorization: TOKEN {{apiToken}}'

Response Example

An example response on GET request for downloading SAML metadata is shown here.

Status: 200 OK

<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://test.britive-app.com">
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>AAA</ds:X509Certificate>
                </ds:X509Data>
                <ds:KeyName/>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.britive-app.com/api/auth/saml"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.britive-app.com/api/auth/saml"/>
    </md:IDPSSODescriptor>
</md:EntityDescriptor>

Download SAML Certificate

This API downloads the SAML certificate required in the SAML SSO configuration with a service provider. This operation is applicable for applications that do not support importing SAML metadata.

GET	{{url}}/api/saml/certificate/{{id}}

Request Example

An example GET request for downloading SAML certificate is shown here.

curl --location --request GET '{{url}}/api/saml/certificate/{{id}}' \
--header 'Authorization: TOKEN {{apiToken}}'

Response Example

An example response on GET request for downloading SAML certificate is shown here.

Status: 200 OK