Skip to main content

GET /ssoSettings

Use this method to return information about the client settings when an external SAML 2.0 identity provider is used for authentication.

Authentication

Authentication with username and password is required.

Request URL

GET https://{management_server_IP}/ssoSettings

Query parameters

None

Response codes

CodeDescriptionComments
200OKThe request completed successfully.
409ConflictThere is a conflict with the current state of the resource. A descriptive error message is returned in the response body.
500Internal Server ErrorAn internal error occurred. A descriptive error message is returned in the response body.

Response body

AttributesTypeDescription
samlEnabledBooleanIndicates whether an SAML identity provider is used for authentication. This can be one of the following values.
  • true. SAML identity provider is used.
  • false. An SAML identity provider is not used.
spMetadataAttributesObjectInformation about the SAML service provider metadata.
 entityIdStringThe service provider base URL as the unique identifier of the service provider.
 signMetadataBooleanIndicates whether the generated metadata is digitally signed. This can be one of the following values.
  • true. Metadata must be signed.
  • false. Metadata can be unsigned.
 signingAlgorithmStringThe algorithm that is used to create digital signature on the metadata object. This can be the following value:
  • sha1
 signAuthenticationRequestsBooleanIndicates whether authentication requests are signed. This can be one of the following values.
  • true. Authentication requests are signed.
  • false. Authentication requests are not signed.
 requireSignedAuthenticationResponseBooleanIndicates whether authentication responses are signed. This can be one of the following values.
  • true. Authentication responses are signed.
  • false. Authentication responses are not signed.
 requireSignedArtifactResolutionBooleanIndicates whether the signing of artifact resolution requests sent to the remote identity providers is enabled. This can be one of the following values:
  • true. Signing of artifact resolutions is enabled.
  • false. Signing of artifact resolutions is disabled.
spMetadataStringSAML service provider metadata that was generated by Lenovo XClarity Administrator.
idpMetadataStringSAML identity provider metadata that was retrieved from ADFS.
The following example is returned if the request is successful.
{
"samlEnabled":true,
"spMetadataParameters":{
"entityId":"10.243.2.124",
"signMetadata":true,
"signingAlgorithm":"sha1",
"signAuthenticationRequests":true,
"requireSignedAuthenticationResponse":true,
"requireSignedArtifactResolution":true
},
"spMetadata":"SP metadata xml ",
"idpMetadata":"IDP metadata xml"
}