Unify and manage your data

Update SAML Configuration

Update SAML Configuration on a Tenant

This SAML SSO Configuration API is designed to update SAML configuration on a tenant which belongs to a customer.

Request

Operation Endpoint:

PUT https://prod-security-service.reltio.com/api/v1/security/samlconfig/{{customer}}/{{tenant}}

Where the URL is: https://prod-security-service.reltio.com.

Table 1. Parameters
Parameter Required Description
Headers Content-Type Yes Must be "Content-Type: application/json"
Query customerId Yes Customer ID
Query tenantId Yes Tenant ID

Sample Request

{
   "metaData":"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<md:EntityDescriptor entityID=\"http://www.okta.com/exk1785cmeJqhHxrL357\"\nxmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n<md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n<md:KeyDescriptor use=\"signing\">\n<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\n<ds:X509Data>\n<ds:X509Certificate>MIIDpDCCAoygAwIBAgIGAWzN7OL0MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0xMjY5MDgxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTkwODI2MTIzNDQ5WhcNMjkwODI2MTIzNTQ5WjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMTI2OTA4MRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj99UM28826bNArqAARts+VskYHEgx/nejXSxJbjosupOQGbLlKstNMCXImYM0nF5iKvDh/d/X9yImnjg4AQ10lJ/v/3JygiC+cOf7UhomIisauUvmuteu7fXgDV0KAr1ZalgX5N9V9IfhCgZsQbHoyfCkzQ+vinE8+y2bn1zNAKNq8p4M680gESXvZLnDouVIO/m+cAWvasdwTyp9R7GAEUnBlJFWHeK1Cw9V/Get/im1EJpJ3RgxWNSY96DuxcCQ4mk7b+FeQjUK9kAA3sgxS8FS+vtUOgv/Q0wd5H/4g/CV5toOpaY3txcydWOB5R6pe12zICIg4jiqVGsDfsOQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCWvHqB9BbLiGmCzpJC3QCqlQyKbjsOu6lEsl0hV86i76ylDBc427sskak/6Tf6Cl+n5YX5xnb3U5ohUoQ1/3AGJF1cJqwU8HmQkwoCywIFr+Q09833v4EGrQ9vxTwFX3CuOPTBMDYVbFOgtjn/JIY3fPcUGfcurfxT5rQSq1g72m17GymW8wzUsATf6x5RrdT4Nw/W8HizPErUIbGZS4V0QVZGdPrU9YsbsmWPA8FITM66wS+mKRqkVkGzunFk6Vo5febGiuqOO2IfpO6pY1ikbn8NTkabft7LKFqbNqUeIHNQKjoS2EWaIdO41+JqxWKwwOoBn8fcU894Jwgm9n1m</ds:X509Certificate>\n</ds:X509Data>
</ds:KeyInfo>\n</md:KeyDescriptor>\n<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>\n<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>\n<md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://dev-126908.okta.com/app/reltioindiapvtltddev126908_samltestapplication_2/exk1785cmeJqhHxrL357/sso/saml\"/&gt;\n<md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://dev-126908.okta.com/app/reltioindiapvtltddev126908_samltestapplication_2/exk1785cmeJqhHxrL357/sso/saml\"/&gt;\n&lt;/md:IDPSSODescriptor&gt;\n&lt;/md:EntityDescriptor>",
   "emailSAMLAttribute":"email",
   "rolesSAMLAttribute":"roles",
   "rolesMappingRegex":"(AZ_[a-zA-Z0-9_]*),*?",
   "defaultRoles":["ROLE_USER","ROLE_API"],
   "groupsSAMLAttribute": "groups",
   "groupsMappingRegex": "(AZ_[a-zA-Z0-9_]*),*?",
   "defaultGroups": ["sso_group1"]
}

Sample Response

{
   "metadata":"<?xml version=\"1.0\"?><md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" entityID=\"urn:amazon:cognito:sp:us-east-1_60Lf83cSi\"> <md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"> <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat> <md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://reltio-samlssotenant.auth.us-east-1.amazoncognito.com/saml2/idpresponse\" index=\"1\" /> </md:SPSSODescriptor></md:EntityDescriptor>",
   "acsURL":"https://reltio-samlssotenant.auth.us-east-1.amazoncognito.com/saml2/idpresponse",
   "entityID":"urn:amazon:cognito:sp:us-east-1_60Lf83cSi",
   "defaultRoles":[
      "ROLE_API",
      "ROLE_USER"
   ],
   "emailSAMLAttribute":"email",
   "rolesSAMLAttribute":"roles",
   "rolesMappingRegex":"(AZ_[a-zA-Z0-9_]*),*?",
   "defaultGroups":[
      "sso_group1"
   ],
   "groupsSAMLAttribute":"groups",
   "groupsMappingRegex": "(AZ_[a-zA-Z0-9_]*),*?"
}