Overview
This guide gives step-by-step instructions on how you can integrate miniOrange Identity Provider and User Store APIs with your system.
Pre-requisites
- You need to create a free trial account with miniOrange.
- Login to our console and Click on the Settings provided on the right top corner of the console.
- Copy your Api Key and follow the steps below to generate the Authentication Header.
Step 1: Create Authentication Header
To be able to call our challenge and validate Rest APIs, you will need to set the authorization headers required to make sure that the request being made is by a valid user. You can check the sample JAVA and PHP code below to get an idea on how you can create the authorization headers.
The following values need to be set in the Header of the HTTP Request being made.
| Attribute | Description |
|---|---|
| Customer-Key | Your customer key. |
| Api-Key | Your Api Key |
| Timestamp | The time in milliseconds when the request is being made |
| Authorization | SHA 512 Hash Value consisting of the customer key , current timestamp and api key. |
You can get your Customer-Key and Api Key by following these steps:
- Log in to your Admin Dashboard.
- Go to System Settings from the top right corner. You will find all of your information under the Account Details section.
- Java
- PHP
/* You can get customer Key and customer Api Key from your admin dashboard */
String customerKey = "<YOUR_CUSTOMER_KEY>";
String apiKey = "<YOUR_API_KEY>";
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
String currentTimeInMillis = String.valueOf(System.currentTimeMillis());
/* Creating the Hash using SHA-512 algorithm (Apache Shiro library) */
String stringToHash = customerKey + currentTimeInMillis + apiKey;
String hashValue = new Sha512Hash(stringToHash).toHex().toLowerCase();
HttpPost postRequest = new HttpPost("<URL for calling API>");
/* Setting the Authorization Header values */
postRequest.setHeader("Customer-Key", customerKey);
postRequest.setHeader("Timestamp", currentTimeInMillis);
postRequest.setHeader("Authorization", hashValue)/* You can get customer Key and customer Api Key from your admin dashboard*/
$customerKey = "<YOUR_CUSTOMER_KEY>";
$apiKey = "<YOUR_API_KEY>";
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
$currentTimeInMillis = round(microtime(true) * 1000);
/* Creating the Hash using SHA-512 algorithm */
$stringToHash = $customerKey . number_format ( $currentTimeInMillis, 0, '', '' ) . $apiKey;
$hashValue = hash("sha512", $stringToHash);
/* Add $customerKeyHeader,$timestampHeader and $authorizationHeader in the httpheader */
$customerKeyHeader = "Customer-Key: " . $customerKey;
$timestampHeader = "Timestamp: " . number_format ( $currentTimeInMillis, 0, '', '' );
$authorizationHeader = "Authorization: " . $hashValue;Step 2: API Details
Get All Configured SAML IdPs
To get all configured SAML IDPs, you need to make an HTTP GET request to our get all SAML IDPs API.
Endpoint Information:
| Type | Information |
|---|---|
| Method | GET |
| URL | https://login.xecurify.com/services/api/idps/v1/saml?startIndex={startIndex}&count={count} |
Request headers:
| Parameters | Type |
|---|---|
| Customer-Key | int |
| Timestamp | int |
| Authorization | String |
CustomerKey : CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp : Timestamp specifies current time in milliseconds e.g. 1474522813982.
Authorization : Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Request Parameters:
| Parameters | Type | Comments |
|---|---|---|
| startIndex (optional) | Int | Defaults to 1 if no value passed |
| count (optional) | Int | Defaults to 10 if no value passed |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>, <START_INDEX>, <COUNT>, <AUTHORIZATION> and <TIMESTAMP> with the respective values
- cURL
- Java
- PHP
curl --location --request GET 'https://login.xecurify.com/services/api/idps/v1/saml?startIndex=<START_INDEX>&count=<COUNT>' \
--header 'Authorization: <AUTHORIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>'OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("https://login.xecurify.com/services/api/idps/v1/saml?startIndex=<START_INDEX>&count=<COUNT>")
.method("GET", body)
.addHeader("Authorization", "<AUTHORIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.build();
Response response = client.newCall(request).execute();<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://login.xecurify.com/services/api/idps/v1/saml?startIndex=<START_INDEX>&count=<COUNT>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHORIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;Example Request:
https://login.xecurify.com/services/api/idps/v1/saml?startIndex=0&count=10Example Response:
{
"status": "SUCCESS",
"statusCode": 200,
"message": "Identity Provider settings retrieved successfully.",
"timestamp": "2024-09-13T04:36:04.549Z",
"details": "uri=/v1/saml",
"idpList": {
"totalResults": 2,
"startIndex": 0,
"itemsPerPage": 10,
"resources": [
{
"displayName": "Okta",
"showIdpToUsers": false,
"promptForUserRegistration": true,
"sendConfiguredAttributes": false,
"isDefault": false,
"endUserLogin": false,
"domainMapping": "",
"attributeMapping": [],
"identifier": "Okta",
"entityId": "https://www.okta.com/exkg24ndmeMSQbgSe5d7",
"loginUrl": "https://dev-34738297.okta.com/app/dev-34738297_wolfheartprod_1/exkg24ndmeMSQbgSe5d7/sso/saml",
"x509Certificate": "[\"-----BEGIN CERTIFICATE-----\\r\
MIIDqDCCApCgAwIBAgIGAY5+fr5fMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYDVQQG\\r\
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNj\\r\
bzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxFTATBgNVBAMM\\r\
DGRldi0zNDczODI5NzEcMBoGCSqGSIb3DQEJARYNaW5mb0Bva3RhLmNvbTAeFw0y\\r\
NDAzMjcwNTU5MTlaFw0zNDAzMjcwNjAwMTlaMIGUMQswCQYDVQQGEwJVUzETMBEG\\r\
A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UE\\r\
CgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxFTATBgNVBAMMDGRldi0zNDcz\\r\
ODI5NzEcMBoGCSqGSIb3DQEJARYNaW5mb0Bva3RhLmNvbTCCASIwDQYJKoZIhvcN\\r\
AQEBBQADggEPADCCAQoCggEBAMi+e/BVZjjw/Ba5FNZUDugaYIYnVHBHcXciTrrN\\r\
WG+K5ZsKBfVg+O9axn9ScDJp9MgfNb3EZ2ISRvhkX+vVs7CCv6QvRlQNd5hfjjqt\\r\
wIhF4psWbs0vUvokjmkBC+g5ggv8SHA8DT1kWsfEz+gjjO4Cl0dhPdvqPwBVr84s\\r\
s/7WZt17HTnQyifVb0rgOGhCmn0LOeQbSlGlhfPVinvhPH0UoQVSn3XGMV3m5bSB\\r\
60acKu9mQH5dOgV3ACZXb/IN+lAGsvgHNN3xwX8VzTskpaKpeOrjNiemOstX4okf\\r\
X34r4/gAej8Ifbyp23pVAEvIVi3bQTD3d2RetZYU++a66bsCAwEAATANBgkqhkiG\\r\
9w0BAQsFAAOCAQEAHnEph3DGUSPrhvUGlkggOeC86bl8siG0zrGZBH+HcZ5Bn88P\\r\
lxrxY+h/yywi6TB70llEtKJeCQX6k+eqVx5fv3bxT+hck0bY5PqPd/vgiwFdOQW8\\r\
3pETfiowgHDpzJxnjjjwFhLToYWts0k4XvVamL9MGjbnphcH6YdjEaFTRFPgB/lE\\r\
jx7ubyRAqyoYAS3PoJg4Pre1vL6qCdEGlNOw+L9MeQbktFiJHvO7aQyT4nvTjgDF\\r\
VGpSNOmWEiwo2rFUaVo94eli3ebvG4AaFEGOs73bFSW75Mu18+BPDM18uIFi0oz1\\r\
pIfHNLrul4Qz5JZf8WCW2AtgzWAkBzwN8ZWnUg==\\r\
-----END CERTIFICATE-----\"]",
"logoutUrl": "",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"signSamlRequest": true,
"signatureAlgo": "SHA-256",
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"overrideReturnUrl": false,
"defaultReturnUrl": "",
"responseSigned": true,
"assertionSigned": false,
"uuid": "fc863da6-ee78-4afd-83eb-576e01216dfc",
"metadata": {
"spMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml/acs/334709",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/spinitiated"
},
"idpMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/idpinitiatedsso",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/idpinitiated"
}
},
"idpLoginUrl": "https://wolf.xecurify.com/moas/login?id=334709"
},
{
"displayName": "IDP being SAML",
"showIdpToUsers": true,
"promptForUserRegistration": true,
"sendConfiguredAttributes": true,
"isDefault": false,
"endUserLogin": true,
"domainMapping": "SAML-API",
"attributeMapping": [
{
"incomingAttribute": "email",
"outgoingAttribute": "EMAIL"
},
{
"incomingAttribute": "username",
"outgoingAttribute": "USERNAME"
}
],
"identifier": "SAML_IDP_API",
"entityId": "SAML entity ID",
"loginUrl": "https://example.com/login",
"x509Certificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"logoutUrl": "https://saml.idp/logout",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"signSamlRequest": true,
"signatureAlgo": "SHA-256",
"samlRequestBinding": "HTTP-REDIRECT",
"overrideReturnUrl": true,
"defaultReturnUrl": "https://example.com/returnUrl",
"responseSigned": false,
"assertionSigned": true,
"uuid": "cdc9c483-5634-44db-bf49-2115468b1754",
"metadata": {
"spMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml/acs/334709",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/spinitiated"
},
"idpMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/idpinitiatedsso",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/idpinitiated"
}
},
"idpLoginUrl": "https://wolf.xecurify.com/moas/login?id=334709"
}
]
}
}Fetch Specific SAML IdP
To fetch details of a configured SAML IDP, you need to make an HTTP GET request to our fetch SAML IDP Configuration endpoint.
Endpoint Information:
| Type | Information |
|---|---|
| Method | GET |
| URL | https://login.xecurify.com/services/api/idps/v1/saml/{uuid} |
Request headers:
| Parameters | Type |
|---|---|
| Customer-Key | int |
| Timestamp | int |
| Authorization | String |
CustomerKey : CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp : Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization : Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Request Parameters:
| Parameters | Type | Comments |
|---|---|---|
| uuid (required) | UUID | SAML IDP Unique identifier |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>, <UUID>, <AUTHORIZATION> and <TIMESTAMP> with the respective values
- cURL
- Java
- PHP
curl --location --request GET 'https://login.xecurify.com/services/api/idps/v1/saml/<UUID>' \
--header 'Authorization: <AUTHORIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>'OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("https://login.xecurify.com/services/api/idps/v1/saml/<UUID>")
.method("GET", body)
.addHeader("Authorization", "<AUTHORIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.build();
Response response = client.newCall(request).execute();<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://login.xecurify.com/services/api/idps/v1/saml/<UUID>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHORIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;Example Request:
https://login.xecurify.com/services/api/idps/v1/saml/cdc9c483-5634-44db-bf49-2115468b1754Example Response:
{
"status": "SUCCESS",
"statusCode": 200,
"message": "Identity Provider settings retrieved successfully.",
"timestamp": "2024-09-13T04:47:03.878Z",
"details": "uri=/v1/saml/cdc9c483-5634-44db-bf49-2115468b1754",
"idp": {
"displayName": "IDP being SAML",
"showIdpToUsers": true,
"promptForUserRegistration": true,
"sendConfiguredAttributes": true,
"isDefault": false,
"endUserLogin": true,
"domainMapping": "SAML-API",
"attributeMapping": [
{
"incomingAttribute": "email",
"outgoingAttribute": "EMAIL"
},
{
"incomingAttribute": "username",
"outgoingAttribute": "USERNAME"
}
],
"identifier": "SAML_IDP_API",
"entityId": "SAML entity ID",
"loginUrl": "https://example.com/login",
"x509Certificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"logoutUrl": "https://saml.idp/logout",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"signSamlRequest": true,
"signatureAlgo": "SHA-256",
"samlRequestBinding": "HTTP-REDIRECT",
"overrideReturnUrl": true,
"defaultReturnUrl": "https://example.com/returnUrl",
"responseSigned": false,
"assertionSigned": true,
"uuid": "cdc9c483-5634-44db-bf49-2115468b1754",
"metadata": {
"spMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml/acs/334709",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/spinitiated"
},
"idpMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/idpinitiatedsso",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/idpinitiated"
}
},
"idpLoginUrl": "https://wolf.xecurify.com/moas/login?id=334709"
}
}Add a SAML IdP
To add a SAML IDP, you need to make an HTTP POST request to our add SAML IDP Configuration endpoint.
Endpoint Information:
| Type | Information |
|---|---|
| Method | POST |
| URL | https://login.xecurify.com/services/api/idps/v1/saml |
Request headers:
| Parameters | Type |
|---|---|
| Content-Type | application/json |
| Customer-Key | int |
| Timestamp | int |
| Authorization | String |
CustomerKey : CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp : Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization : Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Main Request Parameters:
| Parameters | Type | Comments |
|---|---|---|
| identifier (required) | String | Unique identifier for your Identity provider |
| displayName (required) | String | Display Name for your SAML IdP. |
| entityId (required) | String | Entity ID or Issuer ID. |
| loginUrl (required) | String | SAML Login URL |
| logoutUrl (optional) | String | SAML Logout URL |
| x509Certificate (required) | String | X509 Signing Certificate |
| endUserLogin (optional) | Boolean | Allow end users to login to user dashboard with their idp credentials (default = false) |
| overrideReturnUrl (optional) | Boolean | Allows to overwrite default return url by the return url in request. (default = false) |
| defaultReturnUrl (optional) | String | Return url where attributes from identity provider will be recieved here. |
| signSamlRequest (optional) | Boolean | Sign SAML request |
| samlRequestBinding (optional) | String | SAML request binding (default=HTTP-Redirect i.e., urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect, options = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST or urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect |
| domainMapping (optional) | String | Allows to use this IdP for limited domains. |
| showIdpToUsers (optional) | Boolean | Allows to show this idp to users. (default = false) |
| promptForUserRegistration (optional) | Boolean | Allows to register user in miniOrange by prompting for registration. (default = false) |
| nameIdFormat (optional) | String | Name ID Format. (default = urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, options = urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient, urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified) |
| sendConfiguredAttributes (optional) | Boolean | Allows this to send configured attributes in SAML assertion at the time of login. (default = false) |
| attributeMapping (optional) | Object | Configured attributes will be added in the list of Object (“incomingAttribute” and “outgoingAttribute”). |
| responseSigned (optional) | Boolean | (default = true) |
| assertionSigned (optional) | Boolean | (default = false) |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>, <ENTITY_ID>, <LOGIN_URL>, <LOGOUT_URL>, <X509_CERT>, <AUTHORIZATION> and <TIMESTAMP> with the respective values
- cURL
- Java
- PHP
curl --location --request POST 'https://login.xecurify.com/services/api/idps/v1/saml' \
--header 'Authorization: <AUTHORIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>' \
--header 'Content-Type: application/json' \
--data-raw '{
"identifier": "SamlApiTest",
"displayName": "SamlApiTest",
"entityId": "<ENTITY_ID>",
"loginUrl": "<LOGIN_URL>",
"logoutUrl": "<LOGOUT_URL>",
"x509Certificate": "<X509_CERT>",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"signSamlRequest": false,
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"endUserLogin": false,
"overrideReturnUrl": false,
"defaultReturnUrl": "",
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}'OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, """
{
"identifier": "SamlApiTest",
"displayName": "SamlApiTest",
"entityId": "<ENTITY_ID>",
"loginUrl": "<LOGIN_URL>",
"logoutUrl": "<LOGOUT_URL>",
"x509Certificate": "<X509_CERT>",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"signSamlRequest": false,
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"endUserLogin": false,
"overrideReturnUrl": false,
"defaultReturnUrl": "",
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}
""");
Request request = new Request.Builder()
.url("https://login.xecurify.com/services/api/idps/v1/saml")
.method("POST", body)
.addHeader("Authorization", "<AUTHORIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.addHeader("Content-Type", "application/json")
.build();
Response response = client.newCall(request).execute();<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://login.xecurify.com/services/api/idps/v1/saml',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'{
"identifier": "SamlApiTest2",
"displayName": "SamlApiTest2",
"entityId": "<ENTITY_ID>",
"loginUrl": "<LOGIN_URL>",
"logoutUrl": "<LOGOUT_URL>",
"x509Certificate": "<X5909_CERT>",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"signSamlRequest": false,
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"endUserLogin": false,
"overrideReturnUrl": false,
"defaultReturnUrl": "",
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false
}',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHORIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>',
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;Example Request:
https://login.xecurify.com/services/api/idps/v1/samlExample Request body:
{
"identifier": "SAML_IDP_API",
"displayName": "IDP being SAML",
"entityId": "SAML entity ID",
"loginUrl": "https://example.com/login",
"logoutUrl": "https://saml.idp/logout",
"x509Certificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"endUserLogin": true,
"overrideReturnUrl": true,
"defaultReturnUrl": "https://example.com/returnUrl",
"signSamlRequest": true,
"signatureAlgo": "SHA-256",
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"domainMapping": "SAML-API",
"showIdpToUsers": true,
"promptForUserRegistration": true,
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"sendConfiguredAttributes": true,
"attributeMapping": [
{
"incomingAttribute": "email",
"outgoingAttribute": "EMAIL"
},
{
"incomingAttribute": "username",
"outgoingAttribute": "USERNAME"
}
],
"responseSigned": false,
"assertionSigned": true
}Example Response:
{
"status": "SUCCESS",
"statusCode": 201,
"message": "Identity Provider created successfully.",
"timestamp": "2024-09-13T04:35:21.992Z",
"details": "uri=/v1/saml",
"idp": {
"displayName": "IDP being SAML",
"showIdpToUsers": true,
"promptForUserRegistration": true,
"sendConfiguredAttributes": true,
"isDefault": false,
"endUserLogin": true,
"domainMapping": "SAML-API",
"attributeMapping": [
{
"incomingAttribute": "email",
"outgoingAttribute": "EMAIL"
},
{
"incomingAttribute": "username",
"outgoingAttribute": "USERNAME"
}
],
"identifier": "SAML_IDP_API",
"entityId": "SAML entity ID",
"loginUrl": "https://example.com/login",
"x509Certificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"logoutUrl": "https://saml.idp/logout",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"signSamlRequest": true,
"signatureAlgo": "SHA-256",
"samlRequestBinding": "HTTP-REDIRECT",
"overrideReturnUrl": true,
"defaultReturnUrl": "https://example.com/returnUrl",
"responseSigned": false,
"assertionSigned": true,
"uuid": "cdc9c483-5634-44db-bf49-2115468b1754",
"metadata": {
"spMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml/acs/334709",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/spinitiated"
},
"idpMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/idpinitiatedsso",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/idpinitiated"
}
},
"idpLoginUrl": "https://wolf.xecurify.com/moas/login?id=334709"
}
}Update a SAML IdP
To update a SAML IDP, you need to make an HTTP PUT request to our update SAML IDP Configuration endpoint.
Endpoint Information:
| Type | Information |
|---|---|
| Method | PUT |
| URL | https://login.xecurify.com/services/api/idps/v1/saml/{uuid} |
Request headers:
| Parameters | Type |
|---|---|
| Content-Type | application/json |
| Customer-Key | int |
| Timestamp | int |
| Authorization | String |
CustomerKey : CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp : Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization : Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Request Parameters:
| Parameters | Type | Comments |
|---|---|---|
| uuid (required) | UUID | SAML IDP Unique identifier |
Main Request Parameters:
| Parameters | Type | Comments |
|---|---|---|
| identifier (required) | String | Unique identifier for your Identity provider |
| displayName (required) | String | Display name of your SAML IDP |
| entityId (required) | String | Entity ID or Issuer ID. |
| loginUrl (required) | String | SAML Login URL |
| logoutUrl (optional) | String | SAML Logout URL |
| x509Certificate (required) | String | X509 Signing Certificate |
| endUserLogin (optional) | Boolean | Allow end users to login to user dashboard with their idp credentials (default = false) |
| overrideReturnUrl (optional) | Boolean | Allows to overwrite default return url by the return url in request. (default = false) |
| defaultReturnUrl (optional) | String | Return url where attributes from identity provider will be recieved here. |
| signSamlRequest (optional) | Boolean | Sign SAML request |
| samlRequestBinding (optional) | String | SAML request binding (default=HTTP-Redirect i.e., urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect, options = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST or urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect |
| domainMapping (optional) | String | Allows to use this IdP for limited domains. |
| showIdpToUsers (optional) | Boolean | Allows to show this idp to users. (default = false) |
| promptForUserRegistration (optional) | Boolean | Allows to register user in miniOrange by prompting for registration. (default = false) |
| nameIdFormat (optional) | String | Name ID Format. (default = urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, options = urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient, urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified) |
| sendConfiguredAttributes (optional) | Boolean | Allows this to send configured attributes in SAML assertion at the time of login. (default = false) |
| attributeMapping (optional) | Object | Configured attributes will be added in the list of Object (“incomingAttribute” and “outgoingAttribute”). |
| responseSigned (optional) | Boolean | (default = true) |
| assertionSigned (optional) | Boolean | (default = false) |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>, <UUID>, <ENTITY_ID>, <LOGIN_URL>, <LOGOUT_URL>, <X509_CERT>, <AUTHORIZATION> and <TIMESTAMP> with the respective values
- cURL
- Java
- PHP
curl --location --request PUT 'https://login.xecurify.com/services/api/idps/v1/saml/<UUID>' \
--header 'Authorization: <AUTHORIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>' \
--header 'Content-Type: application/json' \
--data-raw '{
"identifier": "SamlApiTest",
"displayName": "SamlApiTest",
"entityId": "<ENTITY_ID>",
"loginUrl": "<LOGIN_URL>",
"logoutUrl": "<LOGOUT_URL>",
"x509Certificate": "<X509_CERT>",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"signSamlRequest": false,
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"endUserLogin": false,
"overrideReturnUrl": false,
"defaultReturnUrl": "",
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false
}'OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, """
{
"identifier": "SamlApiTest",
"displayName": "SamlApiTest",
"entityId": "<ENTITY_ID>",
"loginUrl": "<LOGIN_URL>",
"logoutUrl": "<LOGOUT_URL>",
"x509Certificate": "<X509_CERT>",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"signSamlRequest": false,
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"endUserLogin": false,
"overrideReturnUrl": false,
"defaultReturnUrl": "",
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}
""");
Request request = new Request.Builder()
.url("https://login.xecurify.com/services/api/idps/v1/saml/<UUID>")
.method("PUT", body)
.addHeader("Authorization", "<AUTHORIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.addHeader("Content-Type", "application/json")
.build();
Response response = client.newCall(request).execute();<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://login.xecurify.com/services/api/idps/v1/saml/<UUID>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'PUT',
CURLOPT_POSTFIELDS =>'{
"identifier": "SamlApiTest2",
"displayName": "SamlApiTest2",
"entityId": "<ENTITY_ID>",
"loginUrl": "<LOGIN_URL>",
"logoutUrl": "<LOGOUT_URL>",
"x509Certificate": "<X5909_CERT>",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"signSamlRequest": false,
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"endUserLogin": false,
"overrideReturnUrl": false,
"defaultReturnUrl": "",
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false
}',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHORIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>',
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;Example Request:
https://login.xecurify.com/services/api/idps/v1/saml/cdc9c483-5634-44db-bf49-2115468b1754Example Request body:
{
"identifier": "SAML_IDP_API",
"displayName": "IDP being SAML",
"entityId": "SAML entity ID",
"loginUrl": "https://example.com/login",
"logoutUrl": "https://saml.idp/logout",
"x509Certificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"endUserLogin": true,
"overrideReturnUrl": true,
"defaultReturnUrl": "https://example.com/returnUrl",
"signSamlRequest": true,
"signatureAlgo": "SHA-256",
"samlRequestBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
"domainMapping": "SAML-API",
"showIdpToUsers": true,
"promptForUserRegistration": true,
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"sendConfiguredAttributes": true,
"attributeMapping": [
{
"incomingAttribute": "email",
"outgoingAttribute": "EMAIL"
},
{
"incomingAttribute": "username",
"outgoingAttribute": "USERNAME"
}
],
"responseSigned": false,
"assertionSigned": true
}Example Response:
{
"status": "SUCCESS",
"statusCode": 200,
"message": "Identity Provider updated successfully.",
"timestamp": "2024-09-13T05:36:40.586Z",
"details": "uri=/v1/saml/cdc9c483-5634-44db-bf49-2115468b1754",
"idp": {
"displayName": "IDP being SAML",
"showIdpToUsers": true,
"promptForUserRegistration": true,
"sendConfiguredAttributes": true,
"isDefault": false,
"endUserLogin": true,
"domainMapping": "SAML-API",
"attributeMapping": [
{
"incomingAttribute": "email",
"outgoingAttribute": "EMAIL"
},
{
"incomingAttribute": "username",
"outgoingAttribute": "USERNAME"
}
],
"identifier": "SAML_IDP_API",
"entityId": "SAML entity ID",
"loginUrl": "https://example.com/login",
"x509Certificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"logoutUrl": "https://saml.idp/logout",
"nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"signSamlRequest": true,
"signatureAlgo": "SHA-256",
"samlRequestBinding": "HTTP-REDIRECT",
"overrideReturnUrl": true,
"defaultReturnUrl": "https://example.com/returnUrl",
"responseSigned": false,
"assertionSigned": true,
"uuid": "cdc9c483-5634-44db-bf49-2115468b1754",
"metadata": {
"spMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml/acs/334709",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/spinitiated"
},
"idpMetadata": {
"assertionConsumerService": [
{
"url": "https://wolf.xecurify.com/moas/idpinitiatedsso",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"singleLogoutService": [
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
{
"url": "https://wolf.xecurify.com/moas/broker/login/saml_logout/334709/",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
],
"nameIdFormat": [
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
],
"signingCertificate": "MIIDgTCCAmmgAwIBAgIJAPjrL2mUUAXaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU0FOIEpPU0UxEzARBgNVBAoMCk1JTklPUkFOR0UxEzARBgNVBAMMCk1JTklPUkFOR0UwHhcNMTgwOTA4MDQ1MTA3WhcNMjgwOTA1MDQ1MTA3WjBXMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNBTiBKT1NFMRMwEQYDVQQKDApNSU5JT1JBTkdFMRMwEQYDVQQDDApNSU5JT1JBTkdFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyB0bEkfJEIWd4ppO6923mCpJJhfVfgZCSZc9YScWo0LIWbv2EVM1IWqidoQLQla/RGadNnTeo5Xj3WLwIYX/y5YxtJ7hkf2/nAsKI9dcsrI/8jPlqw/4IuyXwIKcQ11qUmz8D/vcUKsITfCwWnBVMpGA6d1P38GOZd0XWZ2IMxw3Vz8a5WH9y5V19Zl//3+IlxSJZWaITg3d4K+g25UEvwHYJA/f8gN/KTxHQz9zjI2eDJQTSgD1xoVztoKcsf1aCTrlTTF3zbAuROJbwv4J+1SV0Z9PWuQFcnig5CNgEkeeJuD9T3yUf54VquVvfhIlPx1pwt9im5mTZXj/86YQIDAQABo1AwTjAdBgNVHQ4EFgQU19d8uXcSjLcak4tIcTa6TMUmIiQwHwYDVR0jBBgwFoAU19d8uXcSjLcak4tIcTa6TMUmIiQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUeTamT0AtZVAozA9aPqLfBbfNcT4yAjVmRu7LENMwIn/CdJjtJMuvPB15WqFGADktY1eU1hujV88VP/78RwVDCNiIiLHPlPPqnoaJOg2JzHWStRGb1cMPewHlzYDDENUwslemxFG2Sv2ABMGUSY9Z39f77g888fkeRtesDecurbNzvd++dckMhsHOrlK9uNI3poYmD0YHuDEoK34R3aroACLieny7WW2Hrf73olXt55srHJc/NBuRZkl2aPuwuKBgh78PmiI9Eke6FdsP6rIKFx1KB7BneOjFt4w3OQL1i6Y6U16wTIzJMyejdkQEBBPbcjHoYSIKXpb6+lejUohGA==",
"encryptionCertificate": "MIIDGDCCAgCgAwIBAgIIU+KCebJrrvowDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCSU4xEzARBgNVBAoTCm1pbmlPcmFuZ2UxEzARBgNVBAsTCm1pbmlPcmFuZ2UxEzARBgNVBAMTCm1pbmlPcmFuZ2UwHhcNMTkwNzE4MDgzMzI5WhcNMjkwNzE1MDgzMzI5WjBMMQswCQYDVQQGEwJJTjETMBEGA1UEChMKbWluaU9yYW5nZTETMBEGA1UECxMKbWluaU9yYW5nZTETMBEGA1UEAxMKbWluaU9yYW5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjOxr/6ci0oM8pcDnms33qC86trHnhSNYNrBdgMA1GoChKxwtu/YmFxBJOgWZMtsfR6r5EqQT8ushCILlAezEJvYvMclZfOKEB5b+MYUM5Z6aMYgMI/ZgGwpVQOJzhE2YFF+9y+U8pVnJskV4yo/OgMHQLsta6J8VANPUXPKDS5i8RnBr/mzIR+ZL/S5xIKnzWhHvc+P1riBsPvxffBI2Ea8cOP1wVrwY4DPn3z2lENDFyElauFesMYdiXwLh1ToPr5KYQtlx8K5fESdmATAS0X2SIqfDtAoRBP/MvppEcuZj7abXoY4GacSiU5pbfT68LDLzznJvkUDszTuPpo27kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAF11Vm5WFOrASqATKRxTWJmie9mZ4/jJeHsU7WyAswO3jz+E9+b5LXkjFeg1RC/4Y3HchR+vUwtLYMvN2rAwoyuKyCb92vZtWPbxxYKBdGb8GyzTuBmeHBR4XIT5zV+c0S2oJGOKlizvqhHVKIrfKyFY8ljFPQY9afv0LBHSRVwsUCXcnK42OHAwQzlS1tEJBLTRyboqYjH5f2gSnOWwPFBfCQEogUDj7PZ/Upkww+W3Q+x0wEen096tT6u7sHzr1eMcyeywx83bJz+xkw8kNqztTWBM9nF1E+GmNTM1TQ2Lzkh1nylKE/1Z2mVaef92NwDmJmM5YJOQqxLW4/VW4bw==",
"entityId": "https://login.xecurify.com/moas",
"xmlMetadataUrl": "https://wolf.xecurify.com/moas/spmetadata/saml/334709/idpinitiated"
}
},
"idpLoginUrl": "https://wolf.xecurify.com/moas/login?id=334709"
}
}Delete a SAML IdP
To delete a SAML IDP, you need to make an HTTP DELETE request to our delete SAML IDP Configuration endpoint.
Endpoint Information:
| Type | Information |
|---|---|
| Method | DELETE |
| URL | https://login.xecurify.com/services/api/idps/v1/saml/{uuid} |
Request headers:
| Parameters | Type |
|---|---|
| Customer-Key | int |
| Timestamp | int |
| Authorization | String |
CustomerKey : CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp : Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization : Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Main Request Parameters:
| Parameters | Type | Comments |
|---|---|---|
| uuid (required) | UUID | SAML IDP Unique identifier |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>, <UUID>, <AUTHORIZATION> and <TIMESTAMP> with the respective values
- cURL
- Java
- PHP
curl --location --request DELETE 'https://login.xecurify.com/services/api/idps/v1/saml/<UUID>' \
--header 'Authorization: <AUTHORIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>'OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("https://login.xecurify.com/services/api/idps/v1/saml/<UUID>")
.method("DELETE", body)
.addHeader("Authorization", "<AUTHORIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.build();
Response response = client.newCall(request).execute();<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://login.xecurify.com/services/api/idps/v1/saml/<UUID>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHORIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;Example Request:
https://login.xecurify.com/api/v1/idp/saml/cdc9c483-5634-44db-bf49-2115468b1754Example Response:
204 No Content