Skip to main content
REST API reference
A newer release of this product is available.

Create an SAML service provider configuration

PDFs

POST /security/authentication/cluster/saml-sp

Introduced In: 9.6

Creates a SAML service provider configuration. Note that "common_name" is mutually exclusive with "serial_number" and "ca" in POST. SAML will initially be disabled, requiring a patch to set "enabled" to "true", so that the user has time to complete the setup of the IdP.

Required properties

  • idp_uri

Optional properties

  • certificate

  • enabled

  • host

Parameters

Name Type In Required Description

verify_metadata_server

boolean

query

False

Verify IdP metadata server identity.

  • Default value: 1

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When doing a POST, PATCH, or DELETE operation on a single record, the default is 0 seconds. This means that if an asynchronous operation is started, the server immediately returns HTTP code 202 (Accepted) along with a link to the job. If a non-zero value is specified for POST, PATCH, or DELETE operations, ONTAP waits that length of time to see if the job completes so it can return something other than 202.

  • Default value: 0

  • Max value: 120

  • Min value: 0

Request Body

Name Type Description

certificate

certificate

host

string

The SAML service provider host.

idp_uri

string

The identity provider (IdP) metadata location. Required for POST operations.
Example request 
{
  "certificate": {
    "ca": "string",
    "common_name": "cluster1",
    "serial_number": "1506B24A94F566BA"
  },
  "enabled": true,
  "host": "string",
  "idp_uri": "https://idp.example.com/FederationMetadata/2007-06/FederationMetadata.xml"
}

Response

Status: 202, Accepted
Name Type Description

job

job_link
Example response 
{
  "job": {
    "uuid": "string"
  }
}

Headers

Name Description Type

Location

Useful for tracking the resource location

string

Response

Status: 201, Created

Error

Status: Default

ONTAP Error Response Codes

Error Code Description

12320789

Failed to download data file from specified URI.

12320794

The host parameter provided must be the cluster management interface's IP address. If the cluster management interface is not available, the node management interface's IP address must be used.

12320795

A valid cluster or node management interface IP address must be provided.

12320805

The certificate information provided does not match any installed certificates.

12320806

The certificate information entered does not match any installed certificates.

12320814

An invalid IDP URI has been entered.

12320815

An IDP URI must be an HTTPS or FTPS URI.

12320819

Use the HTTPS scheme for the idp_uri or set verify_metadata_server to false.

12320820

No certificate is installed with the specified certificate.ca and certificate.serial.

12320821

No certificate is installed with the specified certificate.common_name.

12320823

The host parameter provided must be the cluster management interface's IP address. If the cluster management interface is not available, the node management interface's IP address must be used.

Also see the table of common errors in the Response body overview section of this documentation.

Definitions

See Definitions

href

Name Type Description

href

string

_links

certificate

Name Type Description

ca

string

Server certificate issuing certificate authority (CA). This cannot be used with the server certificate common name.

common_name

string

Server certificate common name. This cannot be used with the certificate authority (CA) or serial_number.

serial_number

string

Server certificate serial number. This cannot be used with the server certificate common name.

security_saml_sp

Name Type Description

certificate

certificate

host

string

The SAML service provider host.

idp_uri

string

The identity provider (IdP) metadata location. Required for POST operations.
Name Type Description

uuid

string

The UUID of the asynchronous job that is triggered by a POST, PATCH, or DELETE operation.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.