Help Center>
Identity and Access Management>
API Reference>
API>
Federated Identity Authentication Management>
Metadata>
Querying the Metadata File of Keystone
Querying the Metadata File of Keystone
Function
This API is used to query the metadata file of Keystone.
The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
URI
GET /v3-ext/auth/OS-FEDERATION/SSO/metadata
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
unsigned |
No |
Boolean |
Indicates whether to sign metadata according to SAML 2.0. The default value of this parameter is false. |
Response Parameters
None
Example Request
GET https://iam.myhuaweicloud.com/v3-ext/auth/OS-FEDERATION/SSO/metadata
Example Response
Status code: 200
The request is successful.
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor ID="Mc106d5b14b70a4945fa270d8b52d0ed" entityID="https://iam.myhuaweicloud.com" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Mc106d5b14b70a4945fa270d8b52d0ed">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>GmS+Nvta/AvNy4fE7dFID5D+P1U=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>ljRL...</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIC...</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<md:SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIC...</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIC...</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://iam.myhuaweicloud.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST" index="0" isDefault="true" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://iam.myhuaweicloud.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP" index="1" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
</md:SPSSODescriptor>
</md:EntityDescriptor>
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
The request is successful. |
|
500 |
Internal server error. |
|
503 |
Service unavailable. |
Error Codes
None
Parent topic: Metadata
Last Article: Querying a Metadata File
Next Article: Importing a Metadata File
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.