.. _aam_authentication_saml_service_provider: aam authentication saml service-provider ======================================== Authentication service provider service-provider Specification ------------------------------ ===================================== ======================================================================================== **Parameter** **Value** ===================================== ======================================================================================== **Type** *Collection* **Object Key(s)** *name* **Collection Name** :ref:`76_service-provider_list` **Collection URI** /axapi/v3/aam/authentication/saml/service-provider **Element Name** service-provider **Element URI** /axapi/v3/aam/authentication/saml/service-provider/{name} **Element Attributes** service-provider_attributes **Partition Visibility** shared **Statistics Data URI** /axapi/v3/aam/authentication/saml/service-provider/{name}/stats **Schema** :download:`service-provider schema ` ===================================== ======================================================================================== **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Create Object .. raw:: html POST .. raw:: html /axapi/v3/aam/authentication/saml/service-provider .. raw:: html :ref:`76_service-provider_attributes` .. raw:: html
Create List .. raw:: html POST .. raw:: html /axapi/v3/aam/authentication/saml/service-provider .. raw:: html :ref:`76_service-provider_attributes` .. raw:: html
Get Object .. raw:: html GET .. raw:: html /axapi/v3/aam/authentication/saml/service-provider/{name} .. raw:: html :ref:`76_service-provider_attributes` .. raw:: html
Get List .. raw:: html GET .. raw:: html /axapi/v3/aam/authentication/saml/service-provider .. raw:: html :ref:`76_service-provider_list` .. raw:: html
Modify Object .. raw:: html POST .. raw:: html /axapi/v3/aam/authentication/saml/service-provider/{name} .. raw:: html :ref:`76_service-provider_attributes` .. raw:: html
Replace Object .. raw:: html PUT .. raw:: html /axapi/v3/aam/authentication/saml/service-provider/{name} .. raw:: html :ref:`76_service-provider_attributes` .. raw:: html
Replace List .. raw:: html PUT .. raw:: html /axapi/v3/aam/authentication/saml/service-provider .. raw:: html :ref:`76_service-provider_list` .. raw:: html
Delete Object .. raw:: html DELETE .. raw:: html /axapi/v3/aam/authentication/saml/service-provider/{name} .. raw:: html :ref:`76_service-provider_attributes` .. raw:: html
.. _76_service-provider_list: service-provider-list --------------------- service-provider-list is **JSON List** of :ref:`76_service-provider_attributes` service-provider-list : [ { :ref:`76_service-provider_attributes` }, { :ref:`76_service-provider_attributes` }, ... ] .. _76_service-provider_attributes: service-provider attributes --------------------------- **SP-initiated-single-logout-service** **Type:** List **acs-uri-bypass** **Description** After user authenticated, bypass requests with assertion-consuming-service location URI **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **adfs-ws-federation** **Description:** adfs-ws-federation is a **JSON Block**. Please see below for :ref:`76_adfs-ws-federation` **Type:** Object **artifact-resolution-service** **Type:** List **assertion-consuming-service** **Type:** List **bad-request-redirect-url** **Description** Specify URL to redirect **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **certificate** **Description** SAML service provider certificate file (PFX format is required.) **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **entity-id** **Description** SAML service provider entity ID **Type:** string **Format:** string-rlx **Maximum Length:** 1023 characters **Maximum Length:** 1 characters **metadata-export-service** **Description:** metadata-export-service is a **JSON Block**. Please see below for :ref:`76_metadata-export-service` **Type:** Object **name** **Description** Specify SAML authentication service provider name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **packet-capture-template** **Description** Name of the packet capture template to be bind with this object **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/visibility/packet-capture/object-templates/aam-auth-saml-service-prov-tmpl ` **require-assertion-signed** **Description:** require-assertion-signed is a **JSON Block**. Please see below for :ref:`76_require-assertion-signed` **Type:** Object **saml-request-signed** **Description:** saml-request-signed is a **JSON Block**. Please see below for :ref:`76_saml-request-signed` **Type:** Object **sampling-enable** **Type:** List **service-url** **Description** SAML service provider service URL (ex. https://www.a10networks.com/saml.sso) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **signature-algorithm** **Description** 'SHA1': use SHA1 as signature algorithm (default); 'SHA256': use SHA256 as signature algorithm; **Type:** string **Supported Values:** SHA1, SHA256 **Default:** SHA1 **single-logout-service** **Type:** List **soap-tls-certificate-validate** **Description:** soap-tls-certificate-validate is a **JSON Block**. Please see below for :ref:`76_soap-tls-certificate-validate` **Type:** Object **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _76_require-assertion-signed: require-assertion-signed ^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **require-assertion-signed-enable** **Description** Enable required signing of SAML assertion **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 .. _76_single-logout-service: single-logout-service ^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **SLO-binding** **Description** 'post': POST binding of single logout service; 'redirect': Redirect binding of single logout service; 'soap': SOAP binding of single logout service; **Type:** string **Supported Values:** post, redirect, soap **SLO-location** **Description** The location of name-id management service. (ex. /SAML/POST) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters .. _76_assertion-consuming-service: assertion-consuming-service ^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **assertion-binding** **Description** 'artifact': Artifact binding of assertion consuming service; 'paos': PAOS binding of assertion consuming service; 'post': POST binding of assertion consuming service; **Type:** string **Supported Values:** artifact, paos, post **assertion-index** **Description** The index of assertion consuming service **Type:** number **Range:** 0-5 **assertion-location** **Description** The location of assertion consuming service endpoint. (ex. /SAML/POST) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters .. _76_sampling-enable: sampling-enable ^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'sp-metadata-export-req': Metadata Export Request; 'sp-metadata-export-success': Metadata Export Success; 'login-auth-req': Login Authentication Request; 'login-auth-resp': Login Authentication Response; 'acs-req': SAML Single-Sign-On Request; 'acs-success': SAML Single-Sign-On Success; 'acs-authz-fail': SAML Single-Sign-On Authorization Fail; 'acs-error': SAML Single-Sign-On Error; 'slo-req': Single Logout Request; 'slo-success': Single Logout Success; 'slo-error': Single Logout Error; 'sp-slo-req': SP-initiated Single Logout Request; 'glo-slo-success': Total Global Logout Success; 'loc-slo-success': Total Local Logout Success; 'par-slo-success': Total Partial Logout Success; 'other-error': Other Error; **Type:** string **Supported Values:** all, sp-metadata-export-req, sp-metadata-export-success, login-auth-req, login-auth-resp, acs-req, acs-success, acs-authz-fail, acs-error, slo-req, slo-success, slo-error, sp-slo-req, glo-slo-success, loc-slo-success, par-slo-success, other-error .. _76_saml-request-signed: saml-request-signed ^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **saml-request-signed-disable** **Description** Disable signing signature for SAML (Authn/Artifact Resolve) requests **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 .. _76_SP-initiated-single-logout-service: SP-initiated-single-logout-service ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **SP-SLO-location** **Description** The location of SP-initiated single logout service endpoint. (ex. /Logout) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **asynchronous** **Description** the IDP will not send a logout response to AX **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 .. _76_adfs-ws-federation: adfs-ws-federation ^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **ws-federation-enable** **Description** Enable ADFS WS-Federation **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 .. _76_soap-tls-certificate-validate: soap-tls-certificate-validate ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **soap-tls-certificate-validate-disable** **Description** Disable verification for server certificate in TLS session when resolving artificate **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 .. _76_artifact-resolution-service: artifact-resolution-service ^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **artifact-binding** **Description** 'soap': SOAP binding of artifact resolution service; **Type:** string **Supported Values:** soap **artifact-index** **Description** The index of artifact resolution service **Type:** number **Range:** 0-5 **artifact-location** **Description** The location of artifact resolution service. (ex. /SAML/POST) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters .. _76_metadata-export-service: metadata-export-service ^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **md-export-location** **Description** Specify the URI to export SP metadata (Export URI. Default is /A10SP_Metadata) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **sign-xml** **Description** Sign exported SP metadata XML with SP's certificate **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0