
Create SAML Configuration

Create SAML Configuration on a Tenant

This SAML SSO Configuration API creates a SAML configuration on a tenant that belongs to a customer.

Request

Operation Endpoint

POST {URL}/api/v1/security/samlconfig/{customer}/{tenant}

Where {URL} is https://prod-security-service.reltio.com.

Table 1. Parameters
Parameter Required Description
Headers Content-Type Yes Must be "Content-Type: application/json"
Query customerId Yes Customer ID
Query tenantId Yes Tenant ID

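Sample Request

The metaData value carries the identity provider's SAML metadata XML as a single JSON string, so every double quote inside the XML is escaped as \". In this sample it contains the IdP's signing certificate (the KeyDescriptor with use="signing") and its single sign-on endpoints.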

{ "metaData":"<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/exk1785cmeJqhHxrL357\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>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</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://dev-126908.okta.com/app/reltioindiapvtltddev126908_samltestapplication_2/exk1785cmeJqhHxrL357/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://dev-126908.okta.com/app/reltioindiapvtltddev126908_samltestapplication_2/exk1785cmeJqhHxrL357/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>", "emailSAMLAttribute":"email", "rolesSAMLAttribute":"roles", "rolesMappingRegex":"(AZ_[a-zA-Z0-9_]*),*?", "defaultRoles":[ "ROLE_USER", "ROLE_API" ], "groupsSAMLAttribute":"groups", "groupsMappingRegex":"(AZ_[a-zA-Z0-9_]*),*?", "defaultGroups":["sso_group1"] }

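Sample Response

The response returns the service provider's SAML metadata XML, together with its acsURL and entityID, followed by the attribute, role and group mapping settings. In this sample the service provider metadata advertises AuthnRequestsSigned="false" and WantAssertionsSigned="false".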

{ "metadata": "<?xml version=\"1.0\"?><md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" entityID=\"urn:amazon:cognito:sp:us-east-1_uvzCxB8FG\"> <md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"> <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat> <md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://reltio-samlssotenant.auth.us-east-1.amazoncognito.com/saml2/idpresponse\" index=\"1\" /> </md:SPSSODescriptor></md:EntityDescriptor>", "acsURL": "https://reltio-samlssotenant.auth.us-east-1.amazoncognito.com/saml2/idpresponse", "entityID": "urn:amazon:cognito:sp:us-east-1_uvzCxB8FG", "defaultRoles": [ "ROLE_API", "ROLE_USER" ], "emailSAMLAttribute": "email", "rolesSAMLAttribute": "roles", "rolesMappingRegex": "regex", "defaultGroups": [ "sso_group1" ], "groupsSAMLAttribute": "groups", "groupsMappingRegex": "OU=([a-zA-Z0-9_]*).*?" }