Create Partner
post
/oam/services/rest/11.1.2.0.0/fed/admin/trustedpartners/sp/{partnerName}
A specific SP partner resource is created by this method, where partnerName is the name of the partner to be created.
Request
Supported Media Types
- application/json
- application/xml
- text/xml
Path Parameters
-
partnerName: string
SP Partner name
SP Partner details
Root Schema : spPartnerData
Type:
object
Data-Set of SP Partner
-
adminFedInstanceType:
string
Allowed Values:
[ "facloud", "onpremise" ]
indicates the type of Federation partner
- facloud: represents an FA SaaS Cloud OIF server
- onpremise: represents a customer owned Federation server
-
assertionConsumerURL:
string
the SAML 2.0 Assertion Consumer service URL where the user will be redirected by the IdP with a SAML 2.0 Assertion
-
customAttrsStr:
string
indicates a list of optional attributes (if missing, then the attribute will not be sent)
-
emailAttrName:
string
indicates the SAML Attribute name to use in the SAML 2.0 Assertion when including the user's email (if missing, then the attribute name will not be set to email)
-
encryptionCert:
string
the Base64 encoded X.509 Encryption Certificate used by the SP to decrypt encrypted SAML messages
-
encryptionKeystoreAccessTemplateId:
string
indicates the Keystore access template id to be used in encryption certificate. The default value is osts_encryption if this parameter has not been set
-
firstNameAttrName:
string
indicates the SAML Attribute name to use in the SAML 2.0 Assertion when including the user's first name (if missing, then the attribute name will not be set to lastname)
-
generateNewKeys:
string
Allowed Values:
[ "true", "false" ]
indicates whether or not new keys and corresponding self signed certificates should be generated for SAML operations, also indicates if new cryptographic materials should be re-generated
-
lastNameAttrName:
string
indicates the SAML Attribute name to use in the SAML 2.0 Assertion when including the user's last name (if missing, then the attribute name will not be set to firstname)
-
logoutRequestURL:
string
the URL that will be used by the IdP to redirect the user to the SP for the Logout Redirect profile with the SAML
-
logoutResponseURL:
string
the URL that will be used by the IdP to redirect the user to the SP for the Logout Redirect profile with the SAML LogoutResponse
-
metadataB64:
string
the Base64 encoded metadata of the SP server that will be sent to the IdP. If not specified, metadataURL will be used
-
metadataURL:
string
URL where the SP metadata can be downloaded
-
nameIDFormat:
string
Allowed Values:
[ "emailaddress", "unspecified" ]
the NameID format used during Federation SSO. If emailaddress, then the NameID value of an Assertion created by the IdP will contain the user's email address; if unspecified, then the NameID value of an Assertion created by the IdP will contain the user's ID
-
partnerName:
string
the partner name to be used
-
partnerType:
string
Allowed Values:
[ "sp" ]
Partner Type
-
preverify:
string
boolean indicating if the call is to perform a pre-verification check. If true, the service will need to ensure the method can be invoked before the changes are performed in a subsequent call
-
providerID:
string
the SP's ProviderID
-
signatureDigestAlgorithm:
string
indicates SAML signature hashing algorithm to be used. Possible values are SHA-1 or SHA-256. The default value is SHA-1 if this parameter has not been set
-
signingCert:
string
the Base64 encoded X.509 Signing Certificate used by the SP to sign messages
-
signingKeystoreAccessTemplateId:
string
indicates the Keystore access template id to be used in signing certificate. The default value is osts_signing if this parameter has not been set
-
ssoProfile:
string
Allowed Values:
[ "httppost", "artifact" ]
the SAML 2.0 SSO profile to use
-
ssoSOAPURL:
string
SSO SOAP URL for the SP Partner
-
ssoURL:
string
the SAML 2.0 Single Sign-On service URL where the user will be redirected by the SP with a SAML 2.0 AuthnRequest with Redirect profile
-
staticAttrName:
string
indicates if a static attribute should be sent and how it should be referenced (if missing, then the attribute will not be sent). staticAttrName and staticAttrValue are required
-
staticAttrValue:
string
indicates if a static attribute should be sent and what value should be used (if missing, then the attribute will not be sent). staticAttrName and staticAttrValue are required
-
tenantName:
string
the customers' tenant name in the PaaS (only used if OIF is multi tenant enabled)
-
tenantURL:
string
the customers' tenant URL path (only used if OIF is multi tenant enabled; required)
-
userNameAttrName:
string
indicates the SAML Attribute name to use in the SAML 2.0 Assertion when including the userID (if missing, then the attribute name will not be set to username)
-
validityNewKeys:
string
indicates the validity in days of the self signed certificates
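A pre-submission check for an spPartnerData request body, as an added example that is not part of the Oracle reference. The field names, allowed values and the SHA-1 default come from the schema above; the function name, the https-only rule (a local policy assumed here, not an API requirement) and the sample payload are assumptions of this example.

```python
import json
from urllib.parse import urlsplit

# Allowed values copied from the spPartnerData schema on this page.
ALLOWED = {
    "adminFedInstanceType": {"facloud", "onpremise"},
    "generateNewKeys": {"true", "false"},
    "nameIDFormat": {"emailaddress", "unspecified"},
    "partnerType": {"sp"},
    "ssoProfile": {"httppost", "artifact"},
    "signatureDigestAlgorithm": {"SHA-1", "SHA-256"},
}
URL_FIELDS = ("assertionConsumerURL", "logoutRequestURL", "logoutResponseURL",
              "metadataURL", "ssoSOAPURL", "ssoURL")


def review_sp_partner(payload):
    """Return a list of findings for an spPartnerData dict; empty means clean."""
    findings = []
    for field, allowed in ALLOWED.items():
        if field in payload and payload[field] not in allowed:
            findings.append(f"{field}: {payload[field]!r} not in {sorted(allowed)}")
    # The documented default is SHA-1, so an absent value is as weak as an explicit one.
    if payload.get("signatureDigestAlgorithm", "SHA-1") == "SHA-1":
        findings.append("signatureDigestAlgorithm: SHA-1 in effect; set SHA-256")
    # Local policy (assumption of this example): SAML endpoints must use https.
    for field in URL_FIELDS:
        if field in payload and urlsplit(payload[field]).scheme != "https":
            findings.append(f"{field}: not an https URL")
    # staticAttrName and staticAttrValue are documented as required together.
    if ("staticAttrName" in payload) != ("staticAttrValue" in payload):
        findings.append("staticAttrName/staticAttrValue: only one of the pair is set")
    return findings


# Constructed sample request body; names and URLs are placeholders.
SAMPLE = {
    "partnerName": "example-sp",
    "partnerType": "sp",
    "providerID": "https://sp.example.com/saml",
    "assertionConsumerURL": "http://sp.example.com/acs",
    "nameIDFormat": "emailaddress",
    "ssoProfile": "httppost",
    "staticAttrName": "role",
}

if __name__ == "__main__":
    for finding in review_sp_partner(SAMPLE):
        print(finding)
    print(json.dumps(SAMPLE, indent=2))
```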
Response
Supported Media Types
- application/json
200 Response
OK
Partner info
Root Schema : partnerInfo
Type:
object
Partner info
-
adminManualCreation:
string
adminManualCreation for the Partner
-
assertionConsumerURL:
string
AssertionConsumerURL for the Partner
-
displayEncryptionCertDN:
string
DisplayEncryptionCertDN for the Partner
-
displayEncryptionCertExpiration:
string
DisplayEncryptionCertExpiration for the Partner
-
displayEncryptionCertIssuerDN:
string
DisplayEncryptionCertIssuerDN for the Partner
-
displayEncryptionCertStart:
string
DisplayEncryptionCertStart for the Partner
-
displaySigningCertDN:
string
DisplaySigningCertDN for the Partner
-
displaySigningCertExpiration:
string
DisplaySigningCertExpiration for the Partner
-
displaySigningCertIssuerDN:
string
DisplaySigningCertIssuerDN for the Partner
-
displaySigningCertStart:
string
DisplaySigningCertStart for the Partner
-
logoutRequestURL:
string
LogoutRequestURL for the Partner
-
logoutResponseURL:
string
LogoutResponseURL for the Partner
-
metadataB64:
string
Metadata Base64 encoded String
-
nameIDFormat:
string
NameID Format for the Partner
-
partnerName:
string
Partner name for the Partner
-
providerID:
string
ProviderID for the Partner
-
ssoProfile:
string
SSO Profile for the Partner
400 Response
Bad Request.
500 Response
INTERNAL SERVER ERROR.