GET /saml

Retrieves the current SAML configuration settings. Authentication is required.

Request format

When Forming RBAC API requests to this endpoint, the request is a basic call with authentication, such as:

curl "https://$(puppet config print server):4433/rbac-api/v1/saml" -H "X-Authentication:$(puppet-access show)"

Response format

If the authentication is valid and there is an existing SAML configuration, the endpoint returns 200 OK and a JSON object containing the current SAML configuration settings. For example:

{
  "want_xml_validation":true,
  "sign_metadata":true,
  "requested_authn_context_comparison":"exact",
  "want_assertions_encrypted":true,
  "want_name_id_encrypted":true,
  "want_messages_signed":true,
  "signature_algorithm":"rsa-sha256",
  "user_display_name_attr":"test",
  "want_assertions_signed":true,
  "user_lookup_attr":"test_lookup",
  "requested_auth_context":"test-request",
  "allow_duplicated_attribute_name":true,
  "idp_sso_url":"https://idp.example.org/SAML2/SSO",
  "group_lookup_attr":"group_lookup_test",
  "idp_certificate":["MIIGADCCA+igAwIBAgIBAjANBgkqhkiG9w0BAQsFADBqMWgwZgYDVQQDDF9QdXBw"],
  "user_email_attr":"email_attr",
  "display_name":"Corporate Okta",
  "idp_entity_id":"entity_id",
  "idp_slo_url":"https://ipd.example.com/SAML2/SLO"
}

Returns 404 Not Found if the SAML data is not configured.

For information about each setting, refer to SAML configuration reference.

For errors, refer to RBAC service errors .