aam authentication saml service-provider¶
Authentication service provider
service-provider Specification¶
Type
Collection
Object Key(s)
name
Collection Name
Collection URI
/axapi/v3/aam/authentication/saml/service-provider
Element Name
service-provider
Element URI
/axapi/v3/aam/authentication/saml/service-provider/{name}
Element Attributes
service-provider_attributes
Statistics Data URI
/axapi/v3/aam/authentication/saml/service-provider/{name}/stats
Schema
Operations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/aam/authentication/saml/service-provider | ||
Create List | POST | /axapi/v3/aam/authentication/saml/service-provider | ||
Get Object | GET | /axapi/v3/aam/authentication/saml/service-provider/{name} | ||
Get List | GET | /axapi/v3/aam/authentication/saml/service-provider | ||
Modify Object | POST | /axapi/v3/aam/authentication/saml/service-provider/{name} | ||
Replace Object | PUT | /axapi/v3/aam/authentication/saml/service-provider/{name} | ||
Replace List | PUT | /axapi/v3/aam/authentication/saml/service-provider | ||
Delete Object | DELETE | /axapi/v3/aam/authentication/saml/service-provider/{name} |
service-provider-list¶
service-provider-list is JSON List of service-provider attributes
service-provider-list : [
]
service-provider attributes¶
SP-initiated-single-logout-service
Type: List
acs-uri-bypass
Description After user authenticated, bypass requests with assertion-consuming-service location URI
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
adfs-ws-federation
Description: adfs-ws-federation is a JSON Block. Please see below for adfs-ws-federation
Type: Object
artifact-resolution-service
Type: List
assertion-consuming-service
Type: List
bad-request-redirect-url
Description Specify URL to redirect
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
certificate
Description SAML service provider certificate file (PFX format is required.)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
entity-id
Description SAML service provider entity ID
Type: string
Format: string-rlx
Maximum Length: 1023 characters
Maximum Length: 1 characters
metadata-export-service
Description: metadata-export-service is a JSON Block. Please see below for metadata-export-service
Type: Object
name
Description Specify SAML authentication service provider name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
require-assertion-signed
Description: require-assertion-signed is a JSON Block. Please see below for require-assertion-signed
Type: Object
saml-request-signed
Description: saml-request-signed is a JSON Block. Please see below for saml-request-signed
Type: Object
service-url
Description SAML service provider service URL (ex. https://www.a10networks.com/saml.sso)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
signature-algorithm
Description ‘SHA1’: use SHA1 as signature algorithm (default); ‘SHA256’: use SHA256 as signature algorithm;
Type: string
Supported Values: SHA1, SHA256
Default: SHA1
single-logout-service
Type: List
soap-tls-certificate-validate
Description: soap-tls-certificate-validate is a JSON Block. Please see below for soap-tls-certificate-validate
Type: Object
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
require-assertion-signed¶
Specification
Type
object
require-assertion-signed-enable
Description Enable required signing of SAML assertion
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
single-logout-service¶
Specification
Type
list
Block object keys
SLO-binding
Description ‘post’: POST binding of single logout service; ‘redirect’: Redirect binding of single logout service; ‘soap’: SOAP binding of single logout service;
Type: string
Supported Values: post, redirect, soap
SLO-location
Description The location of name-id management service. (ex. /SAML/POST)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
assertion-consuming-service¶
Specification
Type
list
Block object keys
assertion-binding
Description ‘artifact’: Artifact binding of assertion consuming service; ‘paos’: PAOS binding of assertion consuming service; ‘post’: POST binding of assertion consuming service;
Type: string
Supported Values: artifact, paos, post
assertion-index
Description The index of assertion consuming service
Type: number
Range: 0-5
assertion-location
Description The location of assertion consuming service endpoint. (ex. /SAML/POST)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
saml-request-signed¶
Specification
Type
object
saml-request-signed-disable
Description Disable signing signature for SAML (Authn/Artifact Resolve) requests
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
SP-initiated-single-logout-service¶
Specification
Type
list
Block object keys
SP-SLO-location
Description The location of SP-initiated single logout service endpoint. (ex. /Logout)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
asynchronous
Description the IDP will not send a logout response to AX
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
adfs-ws-federation¶
Specification
Type
object
ws-federation-enable
Description Enable ADFS WS-Federation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
soap-tls-certificate-validate¶
Specification
Type
object
soap-tls-certificate-validate-disable
Description Disable verification for server certificate in TLS session when resolving artificate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
artifact-resolution-service¶
Specification
Type
list
Block object keys
artifact-binding
Description ‘soap’: SOAP binding of artifact resolution service;
Type: string
Supported Values: soap
artifact-index
Description The index of artifact resolution service
Type: number
Range: 0-5
artifact-location
Description The location of artifact resolution service. (ex. /SAML/POST)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
metadata-export-service¶
Specification
Type
object
md-export-location
Description Specify the URI to export SP metadata (Export URI. Default is /A10SP_Metadata)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sign-xml
Description Sign exported SP metadata XML with SP’s certificate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
stats data¶
Counter |
Size |
Description |
|
|---|---|---|---|
login-auth-req |
8 |
Login Authentication Request |
|
slo-error |
8 |
Single Logout Error |
|
sp-metadata-export-success |
8 |
Metadata Export Success |
|
par-slo-success |
8 |
Total Partial Logout Success |
|
acs-authz-fail |
8 |
SAML Single-Sign-On Authorization Fail |
|
loc-slo-success |
8 |
Total Local Logout Success |
|
slo-req |
8 |
Single Logout Request |
|
login-auth-resp |
8 |
Login Authentication Response |
|
slo-success |
8 |
Single Logout Success |
|
acs-success |
8 |
SAML Single-Sign-On Success |
|
acs-error |
8 |
SAML Single-Sign-On Error |
|
other-error |
8 |
Other Error |
|
glo-slo-success |
8 |
Total Global Logout Success |
|
acs-req |
8 |
SAML Single-Sign-On Request |
|
sp-metadata-export-req |
8 |
Metadata Export Request |
|
sp-slo-req |
8 |
SP-initiated Single Logout Request |