Update SAML auth settings
POST /api/admin/auth/saml/settings
Updates the settings for SAML Authentication
Request
- application/json
Body
required
samlSettingsSchema
- MOD1
- MOD2
- enabled boolean
Possible values: [
true
]Whether to enable or disable SAML 2.0 for this instance
- entityId string required
The SAML 2.0 entity ID
- signOnUrl string required
Which URL to use for Single Sign On
- certificate string required
The X509 certificate used to validate requests
- signOutUrl string
Which URL to use for Single Sign Out
- spCertificate string
Signing certificate for sign out requests
- autoCreate boolean
Should Unleash create users based on the emails coming back in the authentication reply from the SAML server
- emailDomains string
A comma separated list of email domains that Unleash will auto create user accounts for.
- defaultRootRole string
Possible values: [
Viewer
,Editor
,Admin
]Assign this root role to auto created users
- defaultRootRoleId number
Assign this root role to auto created users. Should be a role ID and takes precedence over
defaultRootRole
. - enableGroupSyncing boolean
Should we enable group syncing. Refer to the documentation Group syncing
- groupJsonPath string
Specifies the path in the SAML token response from which to read the groups the user belongs to.
- enabled boolean
Possible values: [
false
]Whether to enable or disable SAML 2.0 for this instance
- entityId string
The SAML 2.0 entity ID
- signOnUrl string
Which URL to use for Single Sign On
- certificate string
The X509 certificate used to validate requests
- signOutUrl string
Which URL to use for Single Sign Out
- spCertificate string
Signing certificate for sign out requests
- autoCreate boolean
Should Unleash create users based on the emails coming back in the authentication reply from the SAML server
- emailDomains string
A comma separated list of email domains that Unleash will auto create user accounts for.
- defaultRootRole string
Possible values: [
Viewer
,Editor
,Admin
]Assign this root role to auto created users
- defaultRootRoleId number
Assign this root role to auto created users. Should be a role ID and takes precedence over
defaultRootRole
. - enableGroupSyncing boolean
Should we enable group syncing. Refer to the documentation Group syncing
- groupJsonPath string
Specifies the path in the SAML token response from which to read the groups the user belongs to.
- 200
- 400
- 401
- 403
- 415
samlSettingsResponseSchema
- application/json
- Schema
- Example (from schema)
Schema
- enabled boolean
Possible values: [
true
]Whether to enable or disable SAML 2.0 for this instance
- entityId string
The SAML 2.0 entity ID
- signOnUrl string
Which URL to use for Single Sign On
- certificate string
The X509 certificate used to validate requests
- signOutUrl string
Which URL to use for Single Sign Out
- spCertificate string
Signing certificate for sign out requests
- autoCreate boolean
Should Unleash create users based on the emails coming back in the authentication reply from the SAML server
- emailDomains string
A comma separated list of email domains that Unleash will auto create user accounts for.
- defaultRootRole string
Possible values: [
Viewer
,Editor
,Admin
]Assign this root role to auto created users
- defaultRootRoleId number
Assign this root role to auto created users. Should be a role ID and takes precedence over
defaultRootRole
. - enableGroupSyncing boolean
Should we enable group syncing. Refer to the documentation Group syncing
- groupJsonPath string
Specifies the path in the SAML token response from which to read the groups the user belongs to.
{
"enabled": true,
"entityId": "http://localhost:8080/auth/realms/master",
"signOnUrl": "http://localhost:8080/auth/realms/master/protocol/saml",
"certificate": "MIIE/zCCBGgCAg4CMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG\nA1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE\nMRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl\nYiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw\nODIyMDcyNzIyWhcNMTcwODIxMDcyNzIyWjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE\nCAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs\nZS5jb20wggNHMIICOQYHKoZIzjgEATCCAiwCggEBAMbmu6uSdZWRxnO5PteARz5I\nnrdM7vJadzJcY9Spf0cAhUDWyINCrUDn8h8QjbMiAxd+E7v5N85TbfvrW+/g7lYa\ne7DB0uX02Rw29yoK+TE/znNTNq6HdPn/H4ll77uJqpkWgQwXgAQ3qDKRv96QaTfr\nfSXYRxG9NvKzUBs9S7Woby7K6Pgh7/EmgeiOHKSX49XD+ihvkFRSFdeL5qV5hzDf\nepfk8Ghl0cyK9jpM/yKlRuUUkP1pSMwUrCrptyRpqqXmam0UfFuFhMT2SJyNTyo2\nSfnyZb78lbYcVLJQLJA+O3l469eOH3Odv/Pq7bvOstBKg96Q7imz5t0honf63EMC\nIQCw7FeY0QQbxWYy+MI8/0m2kiRzIruA8RUPcEs4il1mwwKCAQB4W3QLepQRTWhR\n69Xv+fC5JLEDyngw9KEalKorlg6o4Z9hASMbFMwECjlXZCxKd/NFjUMbtPcrMCoa\n/KuaqRvHLs2bqe94X5VR4lWCv0SgOunKBj58jnVuN/OkkLu4cSZQ/jia/yPkdcMv\nw8ZjF7zjPXGVhh9XC0QU9ipVfrreGaBSN+0zODKY5TyQI84FsZFZNetOTIT0HT2S\nfIDRGYaL/0xMfQx070Z07cdTTuibzJHVr38qjKqEDiwAUyjXVdE+GJ15ZD4d56Ef\n0qgRpzDmuvUjOtv1t8Hr2O2HTABqRMtAKZsLEVPjwnpKpcStixfg0uIPGVIKbej4\nFzHHpO6bA4IBBgACggEBAJNRaaTFe253sOVm/JmUgsO1QB5GI5hOEWLpC8KHxgwn\nnf/GQUaJLrN8TT4hXgJM2CdvdAkY6et1HpT6BUoz1cYTgsE3ToIsbH3SzPJvU7jz\ncPOvY1jQv+xVBrU8Ydw2D8pydbAcw/L6JZnGpFBqeHa1iFAQc0B8ToXEgxnmGAdP\nIOAKAHX0S4m6CrP5fKwYbmzu8WuWO4bRqvX7QJofrs2RaGFESulw0VrMFffJ/guf\nHTvhDaMW7TSCKo1tBZK9SdEbWCQN2stnfnRSyZFQ+v02oyQtLg+3vSuCx4PS9DM9\n/Uh3r9JDDH3GveUMbqw8Dmy6WH9iV3oOJt8aVF8F4CMwDQYJKoZIhvcNAQEFBQAD\ngYEAbxDoJM8vKVfhltpfG3YXmBKnoGb2UpdKpcjmxMt1/yX8lWJaRBwUDeiDqjVC\nJGi9gXO2SDAtXl7GI1cXTs/l7QlmoTmnc6kDwqk3pl6jC72rQH3E/Fpg7hBkSWL9\n3V1dbLU5id63lVD8sUEULyfWFGk3L+Uka5oiSsxwZhdIb/Q=\n",
"signOutUrl": "http://localhost:8080/auth/realms/master/protocol/saml",
"spCertificate": "MIIE/zCCBGgCAg4CMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG\nA1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE\nMRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl\nYiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw\nODIyMDcyNzIyWhcNMTcwODIxMDcyNzIyWjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE\nCAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs\nZS5jb20wggNHMIICOQYHKoZIzjgEATCCAiwCggEBAMbmu6uSdZWRxnO5PteARz5I\nnrdM7vJadzJcY9Spf0cAhUDWyINCrUDn8h8QjbMiAxd+E7v5N85TbfvrW+/g7lYa\ne7DB0uX02Rw29yoK+TE/znNTNq6HdPn/H4ll77uJqpkWgQwXgAQ3qDKRv96QaTfr\nfSXYRxG9NvKzUBs9S7Woby7K6Pgh7/EmgeiOHKSX49XD+ihvkFRSFdeL5qV5hzDf\nepfk8Ghl0cyK9jpM/yKlRuUUkP1pSMwUrCrptyRpqqXmam0UfFuFhMT2SJyNTyo2\nSfnyZb78lbYcVLJQLJA+O3l469eOH3Odv/Pq7bvOstBKg96Q7imz5t0honf63EMC\nIQCw7FeY0QQbxWYy+MI8/0m2kiRzIruA8RUPcEs4il1mwwKCAQB4W3QLepQRTWhR\n69Xv+fC5JLEDyngw9KEalKorlg6o4Z9hASMbFMwECjlXZCxKd/NFjUMbtPcrMCoa\n/KuaqRvHLs2bqe94X5VR4lWCv0SgOunKBj58jnVuN/OkkLu4cSZQ/jia/yPkdcMv\nw8ZjF7zjPXGVhh9XC0QU9ipVfrreGaBSN+0zODKY5TyQI84FsZFZNetOTIT0HT2S\nfIDRGYaL/0xMfQx070Z07cdTTuibzJHVr38qjKqEDiwAUyjXVdE+GJ15ZD4d56Ef\n0qgRpzDmuvUjOtv1t8Hr2O2HTABqRMtAKZsLEVPjwnpKpcStixfg0uIPGVIKbej4\nFzHHpO6bA4IBBgACggEBAJNRaaTFe253sOVm/JmUgsO1QB5GI5hOEWLpC8KHxgwn\nnf/GQUaJLrN8TT4hXgJM2CdvdAkY6et1HpT6BUoz1cYTgsE3ToIsbH3SzPJvU7jz\ncPOvY1jQv+xVBrU8Ydw2D8pydbAcw/L6JZnGpFBqeHa1iFAQc0B8ToXEgxnmGAdP\nIOAKAHX0S4m6CrP5fKwYbmzu8WuWO4bRqvX7QJofrs2RaGFESulw0VrMFffJ/guf\nHTvhDaMW7TSCKo1tBZK9SdEbWCQN2stnfnRSyZFQ+v02oyQtLg+3vSuCx4PS9DM9\n/Uh3r9JDDH3GveUMbqw8Dmy6WH9iV3oOJt8aVF8F4CMwDQYJKoZIhvcNAQEFBQAD\ngYEAbxDoJM8vKVfhltpfG3YXmBKnoGb2UpdKpcjmxMt1/yX8lWJaRBwUDeiDqjVC\nJGi9gXO2SDAtXl7GI1cXTs/l7QlmoTmnc6kDwqk3pl6jC72rQH3E/Fpg7hBkSWL9\n3V1dbLU5id63lVD8sUEULyfWFGk3L+Uka5oiSsxwZhdIb/Q=\n",
"autoCreate": true,
"emailDomains": "getunleash.io,unleash-hosted.com",
"defaultRootRole": "Editor",
"defaultRootRoleId": 2,
"enableGroupSyncing": false,
"groupJsonPath": "groups"
}
The request data does not match what we expect.
- application/json
- Schema
- Example (from schema)
Schema
- id string
The ID of the error instance
- name string
The name of the error kind
- message string
A description of what went wrong.
{
"id": "9c40958a-daac-400e-98fb-3bb438567008",
"name": "ValidationError",
"message": "The request payload you provided doesn't conform to the schema. The .parameters property should be object. You sent []."
}
Authorization information is missing or invalid. Provide a valid API token as the authorization
header, e.g. authorization:*.*.my-admin-token
.
- application/json
- Schema
- Example (from schema)
Schema
- id string
The ID of the error instance
- name string
The name of the error kind
- message string
A description of what went wrong.
{
"id": "9c40958a-daac-400e-98fb-3bb438567008",
"name": "AuthenticationRequired",
"message": "You must log in to use Unleash. Your request had no authorization header, so we could not authorize you. Try logging in at /auth/simple/login."
}
The provided user credentials are valid, but the user does not have the necessary permissions to perform this operation
- application/json
- Schema
- Example (from schema)
Schema
- id string
The ID of the error instance
- name string
The name of the error kind
- message string
A description of what went wrong.
{
"id": "9c40958a-daac-400e-98fb-3bb438567008",
"name": "NoAccessError",
"message": "You need the \"UPDATE_ADDON\" permission to perform this action in the \"development\" environment."
}
The operation does not support request payloads of the provided type. Please ensure that you're using one of the listed payload types and that you have specified the right content type in the "content-type" header.
- application/json
- Schema
- Example (from schema)
Schema
- id string
The ID of the error instance
- name string
The name of the error kind
- message string
A description of what went wrong.
{
"id": "9c40958a-daac-400e-98fb-3bb438567008",
"name": "ContentTypeerror",
"message": "We do not accept the content-type you provided (application/xml). Try using one of the content-types we do accept instead (application/json) and make sure the body is in the corresponding format."
}