Download OpenAPI specification:
Used to get all or some of the SAML authentication properties for the given domain, in JSON format
| domain required | string Example: demo.zextras.io domain we want the configuration of |
| keys | string Example: keys=sp.entityid,idp.entityid comma delimited list of properties |
| raw | boolean Example: raw=true if true, defaults are not applied and only stored properties are returned |
{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}Used to update specific properties of the SAML authentication configuration for the given domain
| domain required | string Example: demo.zextras.io domain we want to update |
| sp.entityid required | string Unique identifier for the Carbonio instance, as configured in the IdP for the carbonio instance / domain pair |
| sp.assertion_consumer_service.url required | string Carbonio endpoint where the IdP should send login / logout assertions |
| idp.entityid required | string Unique identifier of the IdP SAML configuration for this instance of Carbonio |
| idp.single_sign_on_service.url required | string IdP endpoint for Single Sign On requests |
| idp.x509cert required | string IdP X509 certificate, used to verify IdP signatures |
| sp.x509cert | string Carbonio X509 certificate, used to sign requests to the IdP |
| sp.assertion_consumer_service.binding | string Value: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" type of requests that the IdP should send to carbonio for login / logout |
| sp.single_logout_service.url | string not used |
| sp.single_logout_service.binding | string not used |
| sp.nameidformat | string format for the user name requested to the IdP, so that it matches with local account email |
| sp.privatekey | string Carbonio X509 certificate private key, used to sign requests to the IdP |
| idp.single_sign_on_service.binding | string Request type to send to the IdP Single Sign On endpoint |
| idp.single_logout_service.url | string IdP Single Logout endpoint |
| idp.single_logout_service.response.url | string not used |
| idp.single_logout_service.binding | string Request type to send to the IdP Single Logout endpoint |
| security.nameid_encrypted | boolean send account identifier in encrypted form |
| security.authnrequest_signed | boolean send authentication requests with signature |
| security.logoutrequest_signed | boolean send logout requests with signature |
| security.logoutresponse_signed | boolean send logout response with signature |
| security.want_messages_signed | boolean require signature from the IdP |
| security.want_assertions_signed | boolean require signature in login / logout assertions from the IdP |
| security.sign_metadata | boolean sign metadata response |
| security.want_assertions_encrypted | boolean require encrypted assertions from the IdP |
| security.want_nameid_encrypted | boolean require encrypted account identifier from the IdP |
| security.requested_authncontext | string allows specifying the authentication context if the IdP supports more than one |
| security.requested_authncontextcomparison | string authentication context comparison method |
| security.want_xml_validation | boolean validates XML validity of assertions |
| security.signature_algorithm | string encryption alghoritm to use |
| organization.name | string Simple name of the organization |
| organization.displayname | string Display name of the organization |
| organization.url | string URL of the organization website |
| organization.lang | string main language of the organization |
| contacts.technical.given_name | string Technical contact name for the organization |
| contacts.technical.email_address | string Technical contact email address for the organization |
| contacts.support.given_name | string Support contact name for the organization |
| contacts.support.email_address | string Support contact email address for the organization |
{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}Used to import the SAML configuration of a domain from a JSON or XML document, either embedded in the request, or referenced as an external URL
| domain required | string Example: demo.zextras.io domain we want to update |
| url | string Example: url=demo.zextras.io url to fetch the JSON or XML document from, instead of the request body |
| allowUnsecure | boolean Example: allowUnsecure=true if true and url is used, allow fetching from sites with and invalid (or self-signed) SSL certificates |
| validate | boolean Example: validate=true if true properties are validated before storing |
| sp.entityid required | string Unique identifier for the Carbonio instance, as configured in the IdP for the carbonio instance / domain pair |
| sp.assertion_consumer_service.url required | string Carbonio endpoint where the IdP should send login / logout assertions |
| idp.entityid required | string Unique identifier of the IdP SAML configuration for this instance of Carbonio |
| idp.single_sign_on_service.url required | string IdP endpoint for Single Sign On requests |
| idp.x509cert required | string IdP X509 certificate, used to verify IdP signatures |
| sp.x509cert | string Carbonio X509 certificate, used to sign requests to the IdP |
| sp.assertion_consumer_service.binding | string Value: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" type of requests that the IdP should send to carbonio for login / logout |
| sp.single_logout_service.url | string not used |
| sp.single_logout_service.binding | string not used |
| sp.nameidformat | string format for the user name requested to the IdP, so that it matches with local account email |
| sp.privatekey | string Carbonio X509 certificate private key, used to sign requests to the IdP |
| idp.single_sign_on_service.binding | string Request type to send to the IdP Single Sign On endpoint |
| idp.single_logout_service.url | string IdP Single Logout endpoint |
| idp.single_logout_service.response.url | string not used |
| idp.single_logout_service.binding | string Request type to send to the IdP Single Logout endpoint |
| security.nameid_encrypted | boolean send account identifier in encrypted form |
| security.authnrequest_signed | boolean send authentication requests with signature |
| security.logoutrequest_signed | boolean send logout requests with signature |
| security.logoutresponse_signed | boolean send logout response with signature |
| security.want_messages_signed | boolean require signature from the IdP |
| security.want_assertions_signed | boolean require signature in login / logout assertions from the IdP |
| security.sign_metadata | boolean sign metadata response |
| security.want_assertions_encrypted | boolean require encrypted assertions from the IdP |
| security.want_nameid_encrypted | boolean require encrypted account identifier from the IdP |
| security.requested_authncontext | string allows specifying the authentication context if the IdP supports more than one |
| security.requested_authncontextcomparison | string authentication context comparison method |
| security.want_xml_validation | boolean validates XML validity of assertions |
| security.signature_algorithm | string encryption alghoritm to use |
| organization.name | string Simple name of the organization |
| organization.displayname | string Display name of the organization |
| organization.url | string URL of the organization website |
| organization.lang | string main language of the organization |
| contacts.technical.given_name | string Technical contact name for the organization |
| contacts.technical.email_address | string Technical contact email address for the organization |
| contacts.support.given_name | string Support contact name for the organization |
| contacts.support.email_address | string Support contact email address for the organization |
{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}Used to remove specific properties (or all of them) of the SAML authentication configuration for the given domain
| domain required | string Example: demo.zextras.io domain we want to remove properties from |
| keys | string Example: keys=idp.entityid,sp.entityid comma delimited list of properties to remove, if missing all properties are deleted |
{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}Used to validate the SAML authentication properties for the given domain
| domain required | string Example: demo.zextras.io domain we want to validate the configuration of |
{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}Used to validate a SAML configuration document, in JSON or XML format, either embedded in the request, or referenced as an external URL
| url | string Example: url=demo.zextras.io url to fetch the JSON or XML document from, instead of the request body |
| allowUnsecure | boolean Example: allowUnsecure=true if true and url is used, allow fetching from sites with and invalid (or self-signed) SSL certificates |
| sp.entityid required | string Unique identifier for the Carbonio instance, as configured in the IdP for the carbonio instance / domain pair |
| sp.assertion_consumer_service.url required | string Carbonio endpoint where the IdP should send login / logout assertions |
| idp.entityid required | string Unique identifier of the IdP SAML configuration for this instance of Carbonio |
| idp.single_sign_on_service.url required | string IdP endpoint for Single Sign On requests |
| idp.x509cert required | string IdP X509 certificate, used to verify IdP signatures |
| sp.x509cert | string Carbonio X509 certificate, used to sign requests to the IdP |
| sp.assertion_consumer_service.binding | string Value: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" type of requests that the IdP should send to carbonio for login / logout |
| sp.single_logout_service.url | string not used |
| sp.single_logout_service.binding | string not used |
| sp.nameidformat | string format for the user name requested to the IdP, so that it matches with local account email |
| sp.privatekey | string Carbonio X509 certificate private key, used to sign requests to the IdP |
| idp.single_sign_on_service.binding | string Request type to send to the IdP Single Sign On endpoint |
| idp.single_logout_service.url | string IdP Single Logout endpoint |
| idp.single_logout_service.response.url | string not used |
| idp.single_logout_service.binding | string Request type to send to the IdP Single Logout endpoint |
| security.nameid_encrypted | boolean send account identifier in encrypted form |
| security.authnrequest_signed | boolean send authentication requests with signature |
| security.logoutrequest_signed | boolean send logout requests with signature |
| security.logoutresponse_signed | boolean send logout response with signature |
| security.want_messages_signed | boolean require signature from the IdP |
| security.want_assertions_signed | boolean require signature in login / logout assertions from the IdP |
| security.sign_metadata | boolean sign metadata response |
| security.want_assertions_encrypted | boolean require encrypted assertions from the IdP |
| security.want_nameid_encrypted | boolean require encrypted account identifier from the IdP |
| security.requested_authncontext | string allows specifying the authentication context if the IdP supports more than one |
| security.requested_authncontextcomparison | string authentication context comparison method |
| security.want_xml_validation | boolean validates XML validity of assertions |
| security.signature_algorithm | string encryption alghoritm to use |
| organization.name | string Simple name of the organization |
| organization.displayname | string Display name of the organization |
| organization.url | string URL of the organization website |
| organization.lang | string main language of the organization |
| contacts.technical.given_name | string Technical contact name for the organization |
| contacts.technical.email_address | string Technical contact email address for the organization |
| contacts.support.given_name | string Support contact name for the organization |
| contacts.support.email_address | string Support contact email address for the organization |
{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}Used to automatically generate an X509 certificate and the related private key that will be used to sign requests to the IdP
| domain required | string Example: demo.zextras.io domain we want to configure |
| days | integer Example: days=365 days of validity of the generated certificate |
| organization | string Example: organization=Zextras name of the organization that will be part of the certificate subject |
| organizationalUnit | string Example: organizationalUnit=Zextras name of the organizational unit that will be part of the certificate subject |
| country | string Example: country=IT name of the country that will be part of the certificate subject |
| state | string Example: state=VI name of the state/province that will be part of the certificate subject |
| location | string Example: location=Vicenza name of the city/town that will be part of the certificate subject |
| digest | string Example: digest=SHA256 Digest alghoritm used to sign messages |
| encryption | string Example: encryption=RSA:2048 Encryption alghoritm (and bit size) used to encrypt messages |
{- "idp.single_sign_on_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/appId/sso/saml",
- "idp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.x509cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
- "sp.assertion_consumer_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
- "sp.single_logout_service.url": "string",
- "sp.single_logout_service.binding": "string",
- "sp.nameidformat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
- "sp.privatekey": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----",
- "idp.single_sign_on_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "idp.single_logout_service.url": "https://zextras.okta.com/app/zextrassrl_zimbrassotest_1/exk1t7tdyqj35vUF6357/slo/saml",
- "idp.single_logout_service.response.url": "string",
- "idp.single_logout_service.binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
- "security.nameid_encrypted": false,
- "security.authnrequest_signed": false,
- "security.logoutrequest_signed": false,
- "security.logoutresponse_signed": false,
- "security.want_messages_signed": false,
- "security.want_assertions_signed": false,
- "security.sign_metadata": false,
- "security.want_assertions_encrypted": false,
- "security.want_nameid_encrypted": false,
- "security.requested_authncontext": "urn:oasis:names:tc:SAML:2.0:ac:classes:Password",
- "security.requested_authncontextcomparison": "exact",
- "security.want_xml_validation": true,
- "organization.name": "Zextras",
- "organization.displayname": "Zextras",
- "organization.lang": "en",
- "contacts.technical.given_name": "OneGuy",
- "contacts.technical.email_address": "oneguy@zextras.com",
- "contacts.support.given_name": "OneGuy",
- "contacts.support.email_address": "oneguy@zextras.com"
}