SSO Service REST Endpoints
OIFR1/SSO Service
The REST endpoint POST request is used to configure the SSO service. This API is used for wiring with Fusion Applications and it configures the FAAuthScheme.
For Fusion Applications, IdP is configured at global level to:
- Enable SAML 2.0 only.
- Enable SSO POST, SSO Artifact, SLO Redirect profiles only.
- NameID:
- Email Address with mail as the attribute of the user.
- Unspecified with uid as the attribute of the user (default).
- One set of keys/certificates for SAML operations.
OAM/Fed will be able to have specific SP Partner configuration:
- SSO binding to be used.
- NameID format and value to be used.
- Extra attributes to be sent
- NameID value sent as an attribute: SP Partner will indicate the SAML Attribute name, and whether to send user's ID or email address.
- Static attribute value used by the SP during Assertion mapping operations: SP Partner will indicate the SAML Attribute name and its value.
- Configure SSO Service
- Method: postPath:
/oam/services/rest/11.1.2.0.0/fed/admin/ssoservice