models.idp_service_configuration module¶
-
class
models.idp_service_configuration.IdpServiceConfiguration(allow_local_authentication=None, certificate=None, certificate_filename=None, domain=None, enable=None, id=None, issuer_id=None, name=None, roles=None, saml_attribute_name=None, sign_request=None, sso_url=None, tenant_id=None)[source]¶ Bases:
objectImplementation of the ‘IdpServiceConfiguration’ model.
Specifies the configuration of an IdP service.
- Attributes:
- allow_local_authentication (bool): Specifies whether to allow local
authentication. When IdP is configured, only IdP users are allowed to login to the Cluster. Local login is disabled except for users with admin role. If this flag is set to true, local (non-IdP) logins are allowed for all local and AD users. Local or AD users with admin role can login always independent of this flag’s setting.
- certificate (string): Specifies the certificate generated for the app
by the IdP service when the Cluster is registered as an app. This is required to verify the SAML response.
- certificate_filename (string): Specifies the filename used to upload
the certificate.
domain (string): Specifies a unique name for this IdP configuration. enable (bool): Specifies a flag to enable or disable this IdP service.
When it is set to true, IdP service is enabled. When it is set to false, IdP service is disabled. When an IdP service is created, it is set to true.
- id (long|int): Specifies the Id assigned by the Cluster for the IdP
service.
- issuer_id (string): Specifies the IdP provided Issuer ID for the app.
For example, exkh1aov1nhHrgFhN0h7.
- name (string): Specifies the name of the vendor providing IdP
service.
- roles (list of string): Specifies a list of roles assigned to an IdP
user if samlAttributeName is not given.
- saml_attribute_name (string): Specifies the SAML attribute name that
contains a comma separated list of Cluster roles. Either this field or roles must be set. This field takes higher precedence than the roles field.
- sign_request (bool): Specifies whether to sign the SAML request or
not. When it is set to true, SAML request will be signed. When it is set to false, SAML request is not signed. Default is false. Set this flag to true if the IdP site is configured to expect the SAML request from the Cluster signed. If this is set to true, users must get the Cluster’s certificate and upload it on the IdP site.
- sso_url (string): Specifies the SSO URL of the IdP service for the
customer. This is the URL given by IdP when the customer created an account. Customers may use this for several clusters that are registered with on IdP site. For example, dev-332534.oktapreview.com
- tenant_id (string): Specifies the Tenant Id if the IdP is configured
for a Tenant. If this is not set, this IdP configuration is used for the Cluster level users and for all users of Tenants not having an IdP configuration.
-
classmethod
from_dictionary(dictionary)[source]¶ Creates an instance of this model from a dictionary
- Args:
dictionary (dictionary): A dictionary representation of the object as obtained from the deserialization of the server’s response. The keys MUST match property names in the API description.
- Returns:
object: An instance of this structure class.