sources_saml_update
PUT/sources/saml/:slug/
SAMLSource Viewset
Request
Path Parameters
- application/json
Body
required
Possible values: non-empty
Source's display Name.
Possible values: non-empty
and <= 50 characters
, Value must match regular expression ^[-a-zA-Z0-9_]+$
Internal source name, used in URLs.
Flow to use when authenticating existing users.
Flow to use when enrolling new users.
Possible values: [all
, any
]
Possible values: [identifier
, email_link
, email_deny
, username_link
, username_deny
]
Possible values: non-empty
Flow used before authentication.
Also known as Entity ID. Defaults the Metadata URL.
Possible values: non-empty
and <= 200 characters
URL that the initial Login request is sent to.
Possible values: <= 200 characters
Optional URL if your IDP supports Single-Logout.
Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.
Possible values: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
, urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName
, urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
, urn:oasis:names:tc:SAML:2.0:nameid-format:transient
]
Possible values: [REDIRECT
, POST
, POST_AUTO
]
When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
Keypair used to sign outgoing Responses going to the Identity Provider.
Possible values: [http://www.w3.org/2000/09/xmldsig#sha1
, http://www.w3.org/2001/04/xmlenc#sha256
, http://www.w3.org/2001/04/xmldsig-more#sha384
, http://www.w3.org/2001/04/xmlenc#sha512
]
Possible values: [http://www.w3.org/2000/09/xmldsig#rsa-sha1
, http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
, http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
, http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
, http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
, http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
, http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
, http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
, http://www.w3.org/2000/09/xmldsig#dsa-sha1
]
Possible values: non-empty
Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. (Format: hours=1;minutes=2;seconds=3).
Responses
- 200
- 400
- 403
- application/json
- Schema
- Example (from schema)
Schema
Source's display Name.
Possible values: <= 50 characters
, Value must match regular expression ^[-a-zA-Z0-9_]+$
Internal source name, used in URLs.
Flow to use when authenticating existing users.
Flow to use when enrolling new users.
Get object component so that we know how to edit the object
Return object's verbose_name
Return object's plural verbose_name
Return internal model name
Possible values: [all
, any
]
Possible values: [identifier
, email_link
, email_deny
, username_link
, username_deny
]
Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.
Flow used before authentication.
Also known as Entity ID. Defaults the Metadata URL.
Possible values: <= 200 characters
URL that the initial Login request is sent to.
Possible values: <= 200 characters
Optional URL if your IDP supports Single-Logout.
Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.
Possible values: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
, urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName
, urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
, urn:oasis:names:tc:SAML:2.0:nameid-format:transient
]
Possible values: [REDIRECT
, POST
, POST_AUTO
]
When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
Keypair used to sign outgoing Responses going to the Identity Provider.
Possible values: [http://www.w3.org/2000/09/xmldsig#sha1
, http://www.w3.org/2001/04/xmlenc#sha256
, http://www.w3.org/2001/04/xmldsig-more#sha384
, http://www.w3.org/2001/04/xmlenc#sha512
]
Possible values: [http://www.w3.org/2000/09/xmldsig#rsa-sha1
, http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
, http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
, http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
, http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
, http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
, http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
, http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
, http://www.w3.org/2000/09/xmldsig#dsa-sha1
]
Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. (Format: hours=1;minutes=2;seconds=3).
{
"pk": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"slug": "string",
"enabled": true,
"authentication_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"enrollment_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"component": "string",
"verbose_name": "string",
"verbose_name_plural": "string",
"meta_model_name": "string",
"policy_engine_mode": "all",
"user_matching_mode": "identifier",
"managed": "string",
"user_path_template": "string",
"icon": "string",
"pre_authentication_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"issuer": "string",
"sso_url": "string",
"slo_url": "string",
"allow_idp_initiated": true,
"name_id_policy": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"binding_type": "REDIRECT",
"verification_kp": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"signing_kp": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"digest_algorithm": "http://www.w3.org/2000/09/xmldsig#sha1",
"signature_algorithm": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
"temporary_user_delete_after": "string"
}
- application/json
- Schema
- Example (from schema)
Schema
{
"non_field_errors": [
"string"
],
"code": "string"
}
- application/json
- Schema
- Example (from schema)
Schema
{
"detail": "string",
"code": "string"
}