Create a SAML service provider configuration
POST /security/authentication/cluster/saml-sp
Creates a SAML service provider configuration. Note that "common_name" is mutually exclusive with "serial_number" and "ca" in the POST. SAML is initially disabled; a subsequent PATCH must set "enabled" to "true", which gives the user time to complete the setup of the IdP.
Required properties
- idp_uri

Optional properties
- certificate
- enabled
- host
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
| verify_metadata_server | boolean | query | False | Verify IdP metadata server identity. |
Request Body
| Name | Type | Description |
|---|---|---|
| _links | | |
| certificate | | |
| host | string | The SAML service provider host. |
| idp_uri | string | The identity provider (IdP) metadata location. Required for POST operations. |
Example request
```json
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "certificate": {
    "ca": "string",
    "common_name": "cluster1",
    "serial_number": "1506B24A94F566BA"
  },
  "enabled": null,
  "host": "string",
  "idp_uri": "https://idp.example.com/FederationMetadata/2007-06/FederationMetadata.xml"
}
```
Response
Status: 202, Accepted
| Name | Type | Description |
|---|---|---|
| job | | |
Example response
```json
{
  "job": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "uuid": "string"
  }
}
```
Error
Status: Default
ONTAP Error Response Codes
| Error Code | Description |
|---|---|
| 12320814 | An invalid IDP URI has been entered. |
| 12320815 | The IDP URI must be an HTTPS or FTPS URI. |
| 12320794 | The host parameter provided must be the cluster management LIF's IP address. If the cluster management LIF is not available, the node management LIF's IP address must be used. |
| 12320795 | A valid cluster or node management LIF IP address must be provided. |
| 12320805 | The certificate information provided does not match any installed certificates. |
| 12320806 | Entered certificate information does not match any installed certificates. |

| Name | Type | Description |
|---|---|---|
| error | | |
Example error
```json
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}
```
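A client-side pre-flight check for the constraints documented above (required `idp_uri` with an HTTPS or FTPS scheme, `common_name` exclusive with `ca` and `serial_number`, `host` as an IP address). This is an added example, not NetApp code: the function name `check_saml_sp_post`, its messages, and its choice to flag `enabled` in the POST and `verify_metadata_server=false` are assumptions of this example.

```python
import ipaddress
from urllib.parse import urlsplit

def check_saml_sp_post(body, verify_metadata_server=True):
    """Return a list of problems found locally; an empty list means none were found."""
    problems = []
    # idp_uri is the only required property and must be an HTTPS or FTPS URI.
    idp_uri = body.get("idp_uri")
    if not isinstance(idp_uri, str) or not idp_uri:
        problems.append("idp_uri is required")
    else:
        try:
            parts = urlsplit(idp_uri)
            ok = parts.scheme.lower() in ("https", "ftps") and bool(parts.hostname)
        except ValueError:  # for example, a malformed bracketed IPv6 host
            ok = False
        if not ok:
            problems.append("idp_uri must be an HTTPS or FTPS URI")
    # common_name cannot be combined with ca or serial_number.
    cert = body.get("certificate") or {}
    if cert.get("common_name") and (cert.get("ca") or cert.get("serial_number")):
        problems.append("common_name is mutually exclusive with ca and serial_number")
    # host must be a management LIF IP address; only the syntax is checkable here.
    host = body.get("host")
    if host is not None:
        try:
            ipaddress.ip_address(str(host))
        except ValueError:
            problems.append("host must be a management LIF IP address")
    # SAML starts disabled; this example treats enabling in the POST as a mistake.
    if body.get("enabled"):
        problems.append("leave enabled unset; PATCH it to true after IdP setup")
    # Turning off metadata server verification removes the identity check on the IdP.
    if not verify_metadata_server:
        problems.append("verify_metadata_server=false skips IdP metadata server verification")
    return problems

# The page's own example request body, which mixes all three certificate fields.
PAGE_EXAMPLE = {
    "certificate": {"ca": "string", "common_name": "cluster1",
                    "serial_number": "1506B24A94F566BA"},
    "enabled": None,
    "host": "string",
    "idp_uri": "https://idp.example.com/FederationMetadata/2007-06/FederationMetadata.xml",
}
# Constructed body: 192.0.2.10 is a documentation address, not a real LIF.
CONSTRUCTED_OK = {"certificate": {"ca": "string", "serial_number": "1506B24A94F566BA"},
                  "host": "192.0.2.10", "idp_uri": PAGE_EXAMPLE["idp_uri"]}
```

The schema-style example request on this page fails two of these checks because it is a field listing rather than a valid combination; whether the certificate matches an installed one and whether the address belongs to a management LIF can only be decided by the cluster.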
Definitions
href
| Name | Type | Description |
|---|---|---|
| href | string | |
_links
| Name | Type | Description |
|---|---|---|
| self | | |
certificate
| Name | Type | Description |
|---|---|---|
| ca | string | Server certificate issuing certificate authority (CA). This cannot be used with the server certificate common name. |
| common_name | string | Server certificate common name. This cannot be used with the certificate authority (CA) or serial_number. |
| serial_number | string | Server certificate serial number. This cannot be used with the server certificate common name. |
security_saml_sp
| Name | Type | Description |
|---|---|---|
| _links | | |
| certificate | | |
| host | string | The SAML service provider host. |
| idp_uri | string | The identity provider (IdP) metadata location. Required for POST operations. |
job_link
| Name | Type | Description |
|---|---|---|
| _links | | |
| uuid | string | The UUID of the asynchronous job that is triggered by a POST, PATCH, or DELETE operation. |
error_arguments
| Name | Type | Description |
|---|---|---|
| code | string | Argument code |
| message | string | Message argument |
error
| Name | Type | Description |
|---|---|---|
| arguments | array[error_arguments] | Message arguments |
| code | string | Error code |
| message | string | Error message |
| target | string | The target parameter that caused the error. |