Table of Contents
Introduction
SSO Management API is a REST API for managing SSO Server. With Management API it is possible to automate management tasks that previously were only possible with the web browser based Management Console.
Access to API
To operate REST API an OAuth2 access token is needed. To get the access token an OAuth2 Resource Server configured as Ubisecure agent needs to be activated and configured in the Ubisecure SSO server.
...
- Sites
- Applications
- Update application metadata
- Groups
- Authentication Policies
- PolicyItem
- Links between objects
- Users
- Mappings
- Keys - see Using Management API to manage keys 8907526072 for API calls and SSO key rotation for further details
...
Please read page Management UI Mappings - SSO.
Three kind of mappings:
- Type outbound user mapping
- nameIDFormat = urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
- Type persistent ID mapping
- nameIDFormat = urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
- Type transient ID mapping
- nameIDFormat = urn:oasis:names:tc:SAML:2.0:nameid-format:transient
Policy function is defined with nameIDFormat attribute when policy is created.
Note |
---|
NOTE: Policy function can not be changed after creation. |
...
PUT
/outboundMappingPolicy/Example/persistentIDPolicy1
nameIDFormat=
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
Note! At most one outbound mapping policy is allowed per application
Refresh token policy
Create refresh token policy
...
- servers
GET /method/{path to method}/$link/server
Cannot be set using this URI
- servers
-
- Next factor method
GET /method/{path to method}/$link/nextFactor/method/{path to next method}
PUT /method/{path to method}/$link/nextFactor/method/{path to next method}
DELETE /method/{path to method}/$link/nextFactor/method/{path to next method}
- Next factor method
- Previous factor method
GET /method/{path to previous method}/$link/previousFactor/method/{path to method}
PUT
/method/{path to previous method}/$link/previousFactor/method/{path to method}
DELETE
/method/{path to previous method}/$link/previousFactor/method/{path to method}
- Previous factor method
Server
- Get and set other objects linked to server
...