Versions Compared

Old Version 1

changes.mady.by.user ubisebastian

Saved on

compared with

New Version Current

changes.mady.by.user Andrei Filippov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Add next and previous factor method endpoints

Table of Contents

Introduction

SSO Management API is a REST API for managing SSO Server. With Management API it is possible to automate management tasks that previously were only possible with the web browser based Management Console.

Access to API

To operate REST API an OAuth2 access token is needed. To get the access token an OAuth2 Resource Server configured as Ubisecure agent needs to be activated and configured in the Ubisecure SSO server.

...

...

Please read page Management UI Mappings - SSO.

Three kind of mappings:

  • Type outbound user mapping
    • nameIDFormat = urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified 
  • Type persistent ID mapping
    • nameIDFormat = urn:oasis:names:tc:SAML:2.0:nameid-format:persistent 
  • Type transient ID mapping
    • nameIDFormat = urn:oasis:names:tc:SAML:2.0:nameid-format:transient 

Policy function is defined with nameIDFormat attribute when policy is created.


Note

NOTE: Policy function can not be changed after creation. 

...

PUT /outboundMappingPolicy/Example/persistentIDPolicy1
nameIDFormat=urn:oasis:names:tc:SAML:2.0:nameid-format:persistent

Note! At most one outbound mapping policy is allowed per application

Refresh token policy 

Create refresh token policy

...

    • servers
      GET /method/{path to method}/$link/server
      Cannot be set using this URI
  •  
    • Next factor method
      • GET /method/{path to method}/$link/nextFactor/method/{path to next method}
      • PUT /method/{path to method}/$link/nextFactor/method/{path to next method}
      • DELETE /method/{path to method}/$link/nextFactor/method/{path to next method}
    • Previous factor method
      • GET /method/{path to previous method}/$link/previousFactor/method/{path to method}
      • PUT /method/{path to previous method}/$link/previousFactor/method/{path to method}
      • DELETE /method/{path to previous method}/$link/previousFactor/method/{path to method}

Server

  • Get and set other objects linked to server

...