models.idp_service_configuration module

class models.idp_service_configuration.IdpServiceConfiguration(allow_local_authentication=None, certificate=None, certificate_filename=None, domain=None, enable=None, id=None, issuer_id=None, name=None, roles=None, saml_attribute_name=None, sign_request=None, sso_url=None, tenant_id=None)

Bases: object

Implementation of the ‘IdpServiceConfiguration’ model.

Specifies the configuration of an IdP service.

Attributes:
allow_local_authentication (bool): Specifies whether to allow local authentication. When an IdP is configured, only IdP users are allowed to log in to the Cluster. Local login is disabled except for users with the admin role. If this flag is set to true, local (non-IdP) logins are allowed for all local and AD users. Local or AD users with the admin role can always log in, independent of this flag’s setting.

certificate (string): Specifies the certificate generated for the app by the IdP service when the Cluster is registered as an app. This is required to verify the SAML response.

certificate_filename (string): Specifies the filename used to upload the certificate.

domain (string): Specifies a unique name for this IdP configuration.

enable (bool): Specifies a flag to enable or disable this IdP service. When it is set to true, IdP service is enabled. When it is set to false, IdP service is disabled. When an IdP service is created, it is set to true.

id (long|int): Specifies the Id assigned by the Cluster for the IdP service.

issuer_id (string): Specifies the IdP-provided Issuer ID for the app. For example, exkh1aov1nhHrgFhN0h7.

name (string): Specifies the name of the vendor providing IdP service.

roles (list of string): Specifies a list of roles assigned to an IdP user if samlAttributeName is not given.

saml_attribute_name (string): Specifies the SAML attribute name that contains a comma-separated list of Cluster roles. Either this field or roles must be set. This field takes higher precedence than the roles field.

sign_request (bool): Specifies whether to sign the SAML request or not. When it is set to true, the SAML request will be signed. When it is set to false, the SAML request is not signed. Default is false. Set this flag to true if the IdP site is configured to expect signed SAML requests from the Cluster. If this is set to true, users must get the Cluster’s certificate and upload it on the IdP site.

sso_url (string): Specifies the SSO URL of the IdP service for the customer. This is the URL given by the IdP when the customer created an account. Customers may use this for several clusters that are registered on the IdP site. For example, dev-332534.oktapreview.com

tenant_id (string): Specifies the Tenant Id if the IdP is configured for a Tenant. If this is not set, this IdP configuration is used for the Cluster level users and for all users of Tenants not having an IdP configuration.

classmethod from_dictionary(dictionary)

Creates an instance of this model from a dictionary.

Args:

dictionary (dictionary): A dictionary representation of the object as obtained from the deserialization of the server’s response. The keys MUST match property names in the API description.

Returns:

object: An instance of this structure class.
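
An added example (not part of the SDK or of this page's original text): a small audit over the attributes documented above, flagging the settings the descriptions mark as required or as loosening IdP-only login. It takes a plain dict keyed by the attribute names on this page; audit_idp_config, the severity labels and all sample values are assumptions made for illustration.

```python
# Added example, not SDK code. audit_idp_config, the severity labels and both
# sample dicts are constructed; keys are the attribute names documented above.

def audit_idp_config(cfg):
    """Return (severity, message) findings for one IdP configuration dict."""
    findings = []
    if cfg.get("enable") is False:
        findings.append(("info", "enable is false: IdP service is disabled"))
    if not (cfg.get("certificate") or "").strip():
        findings.append(("error", "certificate missing: SAML response cannot be verified"))
    attr, roles = cfg.get("saml_attribute_name"), cfg.get("roles") or []
    if not attr and not roles:
        findings.append(("error", "neither saml_attribute_name nor roles is set"))
    elif attr and roles:
        findings.append(("info", "saml_attribute_name takes precedence over roles"))
    if cfg.get("allow_local_authentication"):
        findings.append(("warn", "allow_local_authentication is true: local (non-IdP) "
                                 "logins are allowed for all local and AD users"))
    if not cfg.get("sign_request"):
        findings.append(("info", "sign_request is false: SAML request is not signed"))
    if not cfg.get("tenant_id"):
        findings.append(("info", "tenant_id unset: used for Cluster-level users and "
                                 "tenants without their own IdP configuration"))
    return findings

# Constructed sample inputs (certificate is a placeholder, not a real one).
SAMPLE_STRICT = {
    "enable": True, "certificate": "-----BEGIN CERTIFICATE-----\n(placeholder)\n",
    "saml_attribute_name": "clusterRoles", "roles": None,
    "allow_local_authentication": False, "sign_request": True, "tenant_id": None,
}
SAMPLE_WEAK = {
    "enable": True, "certificate": "", "saml_attribute_name": None, "roles": [],
    "allow_local_authentication": True, "sign_request": False,
    "tenant_id": "constructed-tenant",
}

if __name__ == "__main__":
    for name, cfg in (("strict", SAMPLE_STRICT), ("weak", SAMPLE_WEAK)):
        for severity, message in audit_idp_config(cfg):
            print(f"{name}: [{severity}] {message}")
```

The same checks can be run on a model instance by passing a dict built from its attributes; the "error" findings correspond to the fields the attribute descriptions call required.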