[Index]
Model ref.: relation/HcsSsoSpREL
The full URL would include the host-proxy name: https://[host-proxy].
Variables are enclosed in square brackets.
{ "$schema": "http://json-schema.org/draft-03/schema", "type": "object", "properties": { "entity_id": { "readonly": false, "required": false, "type": "string", "description": "Usually your subdomain plus the url to the metadata", "title": "Entity Id" }, "accepted_time_diff": { "description": "The maximum acceptable difference in clock times (in seconds) between this system and any IDP.", "title": "Accepted Time Difference (seconds)", "default": 0, "required": false, "readonly": false, "type": "integer" }, "cert_file": { "description": "The public key that should be used for decrypting signed AuthnRequests", "title": "Public Key", "format": "uri", "required": false, "choices": [], "readonly": false, "target_model_type": "data/File", "type": "string", "target": "/api/data/File/choices/?format=json&hierarchy=[hierarchy]&auth_token=[authtoken] }, "sp": { "description": "Defines the settings that apply to the system when used as a Service Provider", "title": "Service Provider Settings", "required": false, "readonly": false, "type": "object", "properties": { "request_signature_method": { "description": "Set the SignatureMethod of the authentication request. Only used when 'Sign Authn Requests' is enabled. Defaults to rsa-sha1.", "title": "SignatureMethod", "default": "rsa-sha1", "required": false, "choices": [ { "value": "rsa-sha1", "title": "rsa-sha1" }, { "value": "rsa-sha224", "title": "rsa-sha224" }, { "value": "rsa-sha256", "title": "rsa-sha256" }, { "value": "rsa-sha384", "title": "rsa-sha384" }, { "value": "rsa-sha512", "title": "rsa-sha512" } ], "readonly": false, "type": "string" }, "want_response_signed": { "readonly": false, "required": false, "type": "boolean", "description": "Determines whether responses should be signed. Don't set this to true unless you are sure that all Identity Providers do sign responses.", "title": "Want Reponse Signed" }, "name": { "readonly": false, "required": true, "type": "string", "description": "A friendly identifier for the Service Provider", "title": "Name" }, "request_digest_method": { "description": "Set the DigestMethod of the authentication request. Only used when 'Sign Authn Requests' is enabled. Defaults to sha1.", "title": "DigestMethod", "default": "sha1", "required": false, "choices": [ { "value": "sha1", "title": "sha1" }, { "value": "sha224", "title": "sha224" }, { "value": "sha256", "title": "sha256" }, { "value": "sha384", "title": "sha384" }, { "value": "sha512", "title": "sha512" } ], "readonly": false, "type": "string" }, "required_attributes": { "description": "Additional attributes required to identify a user", "title": "Required Attributes", "items": { "type": "string" }, "required": false, "readonly": false, "type": "array" }, "want_assertions_signed": { "readonly": false, "required": false, "type": "boolean", "description": "Determines whether assertions should be signed. Don't set this attribute to false unless you are sure that checking the integrity of the assertions is not needed in your environment.", "title": "Want Assertions Signed" }, "authn_requests_signed": { "readonly": false, "required": false, "type": "boolean", "description": "Determines whether outgoing authentication messages will be signed. If so, the specified private key will be used. This attribute is false by default. If one of your identity providers has WantAuthnRequestsSigned set in its meta data, this attribute should be set to true.", "title": "Sign Authn Requests" }, "endpoints": { "description": "Specifies the various end points that provide an external interface to the service provider.", "title": "End Points", "required": false, "readonly": false, "type": "object", "properties": { "single_logout_service": { "items": { "type": "object", "properties": { "url": { "readonly": false, "required": true, "type": "string", "title": "URL" }, "binding": { "description": "Determines how SAML requests and responses map onto standard messaging or communications protocols.", "title": "Binding", "required": true, "choices": [ { "value": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect", "title": "HTTP-REDIRECT" } ], "readonly": false, "type": "string" } } }, "readonly": false, "required": false, "type": "array", "title": "Single Logout Service" }, "assertion_consumer_service": { "items": { "type": "object", "properties": { "url": { "readonly": false, "required": true, "type": "string", "title": "URL" }, "binding": { "description": "Determines how SAML requests and responses map onto standard messaging or communications protocols.", "title": "Binding", "required": true, "choices": [ { "value": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST", "title": "HTTP-POST" } ], "readonly": false, "type": "string" } } }, "readonly": false, "required": false, "type": "array", "title": "Assertion Consumer Service" } } } } }, "spMd": { "type": "object", "properties": { "note": { "is_password": false, "title": "Note", "required": false, "displayable": true, "readonly": false, "maxLength": 1024, "type": "string" }, "md_url": { "is_password": false, "description": "The URL to SSO SP metadata", "title": "Metadata URL", "required": false, "displayable": false, "readonly": false, "maxLength": 1024, "type": "string" } }, "title": "Sp Md" }, "valid_for": { "readonly": false, "required": false, "type": "integer", "description": "The number of hours for which the metadata is valid for", "title": "Validity (Hours)" }, "use_custom_cert_for_signing": { "readonly": false, "required": false, "type": "boolean", "description": "Indicates if previously uploaded public/private keys must be used for signing. If true, the 'Public Key' and 'Private Key' fields are required. If false, a system-generated Public/Private key pair is used.", "title": "Use Custom Certificate for Signing" }, "system_cert": { "description": "A reference to the data/Certificate instance that contains the system generated certificate to be used.", "title": "System Generated Certificate", "format": "uri", "required": false, "choices": [], "readonly": false, "target_model_type": "data/Certificate", "type": "string", "target": "/api/data/Certificate/choices/?format=json&hierarchy=[hierarchy]&auth_token=[authtoken] }, "key_file": { "description": "The private key that is used for signing AuthnRequests", "title": "Private Key", "format": "uri", "required": false, "choices": [], "readonly": false, "target_model_type": "data/File", "type": "string", "target": "/api/data/File/choices/?format=json&hierarchy=[hierarchy]&auth_token=[authtoken] }, "contact_person": { "description": "Service Provider contact details", "title": "Contact Person", "items": { "type": "object", "properties": { "email_address": { "readonly": false, "required": false, "type": "string", "description": "Contact's email address", "title": "Email Address" }, "company": { "readonly": false, "required": false, "type": "string", "description": "Contact's company", "title": "Company" }, "givenname": { "readonly": false, "required": false, "type": "string", "description": "Contact's first name", "title": "First Name" }, "surname": { "readonly": false, "required": false, "type": "string", "description": "Contact's last name", "title": "Last Name" }, "contact_type": { "readonly": false, "required": false, "type": "string", "description": "Type of contact", "title": "Contact Type" } } }, "required": false, "readonly": false, "type": "array" }, "block_unencrypted_assertions": { "description": "Block unencrypted assertions", "title": "Block unencrypted assertions", "default": false, "required": false, "readonly": false, "type": "boolean" } }, "schema_version": "2.1" }
Task | Call | URL | Parameters | Response |
---|---|---|---|---|
Get the GUI Add form. | GET | /api/relation/HcsSsoSpREL/add/ |
|
The GUI Add form of relation/HcsSsoSpREL as JSON |
The API call to the /add/ URL can only be made from a hierarchy that allows the model type to be added. The actions in the response shows the url for the POST API call to create an instance.
Task | Call | URL | Parameters | Payload |
---|---|---|---|---|
Create | POST | /api/relation/HcsSsoSpREL/ | hierarchy=[hierarchy] |
|
tool/Transaction/[trans pkid]to inspect the created resource and its instance pkid.
Task | Call | URL | Parameters | Payload |
---|---|---|---|---|
Bulk delete [pkid1],[pkid2]... | DELETE | /api/relation/HcsSsoSpREL/ | hierarchy=[hierarchy] | {"hrefs":["/api/relation/HcsSsoSpREL/[pkid1]", "/api/relation/HcsSsoSpREL/[pkid2]", ...]} |
GET http://[host-proxy]/api/relation/HcsSsoSpREL/?hierarchy=[hierarchy]&format=json
Task | Call | URL | Parameters | Payload |
---|---|---|---|---|
Get a selected [export_format] of the schema and instances [pkid1], [pkid2],... of relation/HcsSsoSpREL; optionally with tag_version at [version] and Configuration Template as [configtemplate]. | POST | /api/relation/HcsSsoSpREL/export/ |
|
{ "hrefs":["/api/relation/HcsSsoSpREL/[pkid1]", "/api/relation/HcsSsoSpREL/[pkid2]",...]}} |
For export_format=json, the response is a time stamped zip file of data in JSON as in the system database. Item properties such as strings that are empty or Boolean values that are not set, are not included. The filename in the response is of the format as the example:
Content-Disposition: attachment; filename=export_2013-05-17_14:20:19.186444.json.zip Content-Language:en Content-Type:application/x-zip
For export_format=raw_xlsx, the response is a MS Excel spreadsheet with columns corresponding to the JSON format export and a response filename format:
Content-Disposition: attachment; filename=<resource_type>_<resource_name>_exportedsheet_CCYY-MM-DD_HH-MM-SS.xlsx Content-Language:en Content-Type:application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
For export_format=xlsx, the response is a MS Excel spreadsheet, arranged by any Field Display Policies that apply. The columns correspond with those of a Bulk Load Template export sheet. The response filename format is:
Content-Disposition: attachment; filename=<resource_type>_<resource_name>_exportedsheet_formatted_CCYY-MM-DD_HH-MM-SS.xlsx Content-Language:en Content-Type:application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
The XLSX format can be used to bulk load instances of relation/HcsSsoSpREL and the JSON format can be used to import instances of relation/HcsSsoSpREL.
GET http://[host-proxy]/api/relation/HcsSsoSpREL/?hierarchy=[hierarchy]
Task | Call | URL | Parameters | Response |
---|---|---|---|---|
Get a compressed format of the Bulk Load spreadsheet template for relation/HcsSsoSpREL | POST | /api/relation/HcsSsoSpREL/export_bulkload_template/ |
|
The response is an attachment of the format: filetype_bulkloadsheet.xlsx.gz |
Task | Call | URL | Parameters | Response |
---|---|---|---|---|
List | GET | /api/relation/HcsSsoSpREL/ |
|
The relation/HcsSsoSpREL schema and all instances as JSON. |
(The list will return 0 to 3 relation/HcsSsoSpREL instances)
{ "operations": [ "field_display_policy", "configuration_template", "help", "get", "export_bulkload_template", "list", "update", "remove", "add", "bulk_update", "export" ], "pagination": { "direction": "asc", "order_by": "entity_id", "maximum_limit": 2000, "skip": 0, "current": "/api/relation/HcsSsoSpREL/?skip=0&limit=3&order_by=entity_id&direction=asc&traversal=default", "limit": 3, "total_limit": null, "total": 1 }, "meta": { "tags": [], "cached": true, "title": "", "business_key": {}, "schema_version": "2.1", "references": { "device": [ { "pkid": "", "href": "" } ], "self": [ { "pkid": null, "href": "/api/relation/HcsSsoSpREL/None/" } ], "children": [], "parent": [ { "pkid": "6t0ggef2c0deab00hb595101", "href": "/api/data/HierarchyNode/6t0ggef2c0deab00hb595101" } ], "foreign_key": [] }, "actions": [ { "add": { "support_async": false, "class": "add", "href": "/api/relation/HcsSsoSpREL/add/?hierarchy=[hierarchy]", "method": "GET", "title": "Add" } }, { "remove": { "support_async": true, "class": "delete", "href": "/api/relation/HcsSsoSpREL/?hierarchy=[hierarchy]", "method": "DELETE", "title": "Delete" } }, { "export": { "title": "Export", "support_async": false, "submit": "payload", "class": "export", "href": "/api/relation/HcsSsoSpREL/export/?hierarchy=[hierarchy]", "method": "POST", "view": "/api/view/ExportData/add/?auth_token=[authtoken] } }, { "export_bulkload_template": { "support_async": false, "class": "bulkload_template", "href": "/api/relation/HcsSsoSpREL/export_bulkload_template/?hierarchy=[hierarchy]", "method": "POST", "title": "Export Bulk Load Template" } }, { "list": { "support_async": false, "class": "list", "href": "/api/relation/HcsSsoSpREL/?hierarchy=[hierarchy]", "method": "GET", "title": "List" } }, { "help": { "support_async": false, "class": "help", "href": "/api/relation/HcsSsoSpREL/help?hierarchy=[hierarchy]", "method": "GET", "title": "Help" } } ], "model_type": "relation/HcsSsoSpREL", "model_specific_actions": [ "help", "get", "export_bulkload_template", "list", "update", "remove", "add", "export" ], "summary_attrs": [ { "name": "entity_id", "title": "Entity Id" }, { "allow_filtering": true, "name": "hierarchy_friendly_name", "title": "Located At" } ], "api_version": "21.2", "tagged_versions": [] }, "resources": [ { "pkid": "6305568cc46e74b4687dd07f", "meta": { "tags": [], "cached": true, "title": "https://[host]/sso/metadata", "business_key": { "hierarchy": false, "unique": [ "entity_id" ] }, "schema_version": "0.2.2", "summary": "false", "references": { "device": [ { "pkid": "", "href": "" } ], "owner": [ { "pkid": "" } ], "self": [ { "pkid": "6305568cc46e74b4687dd07f", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/" } ], "parent": [ { "pkid": "6305086243fcc416f18ea4ac", "href": "/api/data/HierarchyNode/6305086243fcc416f18ea4ac" } ], "foreign_key": [ { "pkid": "6305566cc46e74b4687dd055", "path": "system_cert", "model_type": "data/Certificate" } ] }, "actions": [ { "update": { "support_async": true, "class": "update", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/", "method": "PUT", "title": "Modify" } }, { "remove": { "support_async": true, "class": "delete", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/", "method": "DELETE", "title": "Delete" } }, { "export": { "title": "Export", "support_async": false, "submit": "payload", "class": "export", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/export/", "method": "GET", "view": "/api/view/ExportData/add/" } }, { "get": { "support_async": false, "class": "get", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/", "method": "GET", "title": "Get" } }, { "help": { "support_async": false, "class": "help", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/help", "method": "GET", "title": "Help" } } ], "model_type": "relation/HcsSsoSpREL", "path": [ "6t0ggef2c0deab00hb595101", "6305086243fcc416f18ea4ac", "6305568cc46e74b4687dd07f" ], "summary_attrs": [ { "name": "entity_id", "title": "Entity Id" }, { "allow_filtering": true, "name": "hierarchy_friendly_name", "title": "Located At" } ], "api_version": "21.2", "tagged_versions": [] }, "data": { "entity_id": "https://[host]/sso/metadata", "pkid": "6305568cc46e74b4687dd080", "sp": { "endpoints": { "assertion_consumer_service": [ { "url": "https://[host]/sso/acs/", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" } ] }, "name": "[host]", "required_attributes": [ "uid" ] }, "valid_for": 24, "system_cert": "[\"SSO-Cert\", \"hcs\"]", "hierarchy_friendly_name": "hcs (Hcs)", "hierarchy_path": "sys.hcs" } } ] }
(Show the first instance)
{ "pkid": "6305568cc46e74b4687dd07f", "meta": { "tags": [], "cached": true, "cache_control_policy": "cache_then_device", "title": "https://[host]/sso/metadata", "business_key": {}, "schema_version": "2.1", "references": { "device": [ { "pkid": "", "href": "" } ], "self": [ { "pkid": "6305568cc46e74b4687dd07f", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/" } ], "children": [], "parent": [ { "pkid": "6305086243fcc416f18ea4ac", "href": "/api/data/HierarchyNode/6305086243fcc416f18ea4ac" } ] }, "actions": [ { "update": { "support_async": true, "class": "update", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/?hierarchy=[hierarchy]", "method": "PUT", "title": "Modify" } }, { "remove": { "support_async": true, "class": "delete", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/?hierarchy=[hierarchy]", "method": "DELETE", "title": "Delete" } }, { "export": { "title": "Export", "support_async": false, "submit": "payload", "class": "export", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/export/?hierarchy=[hierarchy]", "method": "GET", "view": "/api/view/ExportData/add/?auth_token=[authtoken] } }, { "get": { "support_async": false, "class": "get", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/?hierarchy=[hierarchy]", "method": "GET", "title": "Get" } }, { "help": { "support_async": false, "class": "help", "href": "/api/relation/HcsSsoSpREL/6305568cc46e74b4687dd07f/help?hierarchy=[hierarchy]", "method": "GET", "title": "Help" } } ], "model_type": "relation/HcsSsoSpREL", "summary_attrs": [ { "name": "entity_id", "title": "Entity Id" }, { "allow_filtering": true, "name": "hierarchy_friendly_name", "title": "Located At" } ], "api_version": "21.2", "tagged_versions": [] }, "data": { "spMd": { "md_url": "https://[host]/sso/metadata" }, "entity_id": "https://[host]/sso/metadata", "sp": { "endpoints": { "assertion_consumer_service": [ { "url": "https://[host]/sso/acs/", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" } ] }, "name": "[host]", "required_attributes": [ "uid" ] }, "valid_for": 24, "system_cert": "[\"SSO-Cert\", \"hcs\"]" } }
Task | Call | URL | Parameters | Response |
---|---|---|---|---|
Get the on-line Help for relation/HcsSsoSpREL. | GET | /api/relation/HcsSsoSpREL/help | hierarchy=[hierarchy] | On-line help of Model ref.: relation/HcsSsoSpREL as HTML |
Task | Call | URL | Parameters | Payload |
---|---|---|---|---|
Modify | PUT | /api/relation/HcsSsoSpREL/[pkid]/ | hierarchy=[hierarchy] | (For payload specification) |
For Bulk modification, refer to the Bulk Modify section.
Task | Call | URL | Parameters | Response |
---|---|---|---|---|
Delete | DELETE | /api/relation/HcsSsoSpREL/[pkid]/ | hierarchy=[hierarchy] |
Task | Call | URL | Parameters | Response |
---|---|---|---|---|
Get a selected [export_format] of the schema and a single instance with [pkid] of relation/HcsSsoSpREL; optionally with tag_version at [version] and Configuration Template as [configtemplate]. | GET | /api/relation/HcsSsoSpREL/[pkid]/export/ |
|
The response is an attachment. Refer to the list below. |
For export_format=raw_xlsx, the response is a "raw" MS Excel spreadsheet with columns corresponding to the JSON format export and a response format:
Content-Disposition: attachment; filename=<resource_type>_<resource_name>_exportedsheet_CCYY-MM-DD_HH-MM-SS.xlsx Content-Language:en Content-Type:application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
For export_format=xlsx, the response is a MS Excel spreadsheet, formatted to show all columns and a response format:
Content-Disposition: attachment; filename=<resource_type>_<resource_name>_exportedsheet_formatted_CCYY-MM-DD_HH-MM-SS.xlsx Content-Language:en Content-Type:application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
For export_format=json, the response is a time stamped zip file of data in JSON and a response format:
Content-Disposition: attachment; filename=export_2013-05-17_14:20:19.186444.json.zip Content-Language:en Content-Type:application/x-zip
The XLSX format can be used to bulk load instances of relation/HcsSsoSpREL and the JSON format can be used to import instances of relation/HcsSsoSpREL.
For Bulk Export, refer to the Bulk Export section.
Task | Call | URL | Parameters | Response |
---|---|---|---|---|
Get | GET | /api/relation/HcsSsoSpREL/[pkid]/ | hierarchy=[hierarchy] | The relation/HcsSsoSpREL instance with [pkid]. |
Task | Call | URL | Parameters | Response |
---|---|---|---|---|
Help | GET | /api/relation/HcsSsoSpREL/[pkid]/help | hierarchy=[hierarchy] | The on-line Help for relation/HcsSsoSpREL. |