Create Partner
post
/oam/services/rest/11.1.2.0.0/fed/admin/trustedsppartners
The REST endpoint service request is used to create trusted SP Partner using FORM data.
Request
Supported Media Types
- multipart/form-data
Form Parameters
-
assertionConsumerURL: string
the SAML 2.0 Assertion Consumer service URL where the user will be redirected by the IdP with a SAML 2.0 Assertion
-
customAttrs: string
indicates a list of optional attributes (if missing, then the attribute will not be sent)
-
emailAttrName: string
indicates the SAML Attribute name to use in the SAML 2.0 Assertion when including the user's email (if missing, then the attribute name will not be set to email)
-
encryptionCert: string
the Base64 encoded X.509 Encryption Certificate used by the SP to decrypt encrypted SAML messages
-
firstNameAttrName: string
indicates the SAML Attribute name to use in the SAML 2.0 Assertion when including the user's first name (if missing, then the attribute name will not be set to lastname)
-
generateNewKeys: string
indicates whether or not new keys and corresponding self signed certificates should be generated for SAML operations, also indicates if new cryptographic materials should be re-generatedAllowed Values:
[ "true", "false" ] -
idpTenantName: string
the customers' tenant name in the PaaS (only used if OIF is multi tenant enabled)
-
idpTenantURL: string
the customers' tenant URL path. (only used if OIF is multi tenant enabled; required)
-
lastNameAttrName: string
indicates the SAML Attribute name to use in the SAML 2.0 Assertion when including the user's last name (if missing, then the attribute name will not be set to firstname)
-
logoutRequestURL: string
the URL that will be used by the IdP to redirect the user to the SP for the Logout Redirect profile with the SAML
-
logoutResponseURL: string
the URL that will be used by the IdP to redirect the user to the SP for the Logout Redirect profile with the SAML LogoutResponse
-
metadata: string
the Base64 encoded metadata of the SP server that will be sent to the IdP. If not specified, metadataURL will be used
-
metadataURL: string
URL where the SP metadata can be downloaded
-
nameIDFormat: string
the NameID format used during Federation SSO. If emailaddress, then the NameID value of an Assertion created by the IdP will contain the user's email address; if unspecified, then the NameID value of an Assertion created by the IdP will contain the user's ID
-
preverify: string
boolean indicating if the call is to perform a pre-verification check. If true, the service will need to ensure the method can be invoked before the changes are performed in a subsequent callDefault Value:
false -
signingCert: string
the Base64 encoded X.509 Signing Certificate used by the SP to sign messages
-
spPartnerName: string
the partner name to be used
-
spProviderID: string
the SP's ProviderID
-
ssoProfile: string
the SAML 2.0 SSO profile to useAllowed Values:
[ "artifact", "httppost" ] -
staticAttrName: string
indicates if a static attribute should be sent and how it should be referenced (if missing, then the attribute will not be sent). staticAttrName and staticAttrValue are required
-
staticAttrValue: string
indicates if a static attribute should be sent and what value should be used (if missing, then the attribute will not be sent). staticAttrName and staticAttrValue are required
-
userNameAttrName: string
indicates the SAML Attribute name to use in the SAML 2.0 Assertion when including the userID (if missing, then the attribute name will not be set to username)
-
validityNewKeys: string
indicates the validity in days of the self signed certificates
Response
Supported Media Types
- application/json
200 Response
OK
Root Schema : statusResponse
Type:
objectStatus Response
Show Source
-
status:
integer(int32)
Status Code: 1 for success and 0 for failure
-
statusMessage:
string
Status Message
400 Response
Bad Request.
500 Response
INTERNAL SERVER ERROR.