Updated on 2023-07-05 GMT+08:00

Querying the Metadata File of Keystone

Function

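This API is used to query the metadata file of Keystone. As the example response shows, the file is a SAML 2.0 metadata document whose md:SPSSODescriptor describes Keystone as a service provider.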

The API can be called using either the global endpoint or a region-specific endpoint. For IAM endpoints, see Regions and Endpoints.

URI

GET /v3-ext/auth/OS-FEDERATION/SSO/metadata

Request Parameters

Table 1 Parameters in the request header

Parameter

Mandatory

Type

Description

unsigned

No

Boolean

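Indicates whether the metadata is signed according to SAML 2.0. The default value of this parameter is false. The example request below omits this parameter, and the example response contains a ds:Signature element.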

Response Parameters

None

Example Request

Request for querying the metadata file of Keystone

GET https://iam.myhuaweicloud.com/v3-ext/auth/OS-FEDERATION/SSO/metadata

Example Response

Status code: 200

The request is successful.

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Example SAML 2.0 metadata document for the entity https://iam.myhuaweicloud.com,
  as returned with status code 200. The SignatureValue and X509Certificate values
  are truncated ("ljRL...", "MIIC..."), so the sample cannot be signature-verified
  as printed.

  Structure:
  * ds:Signature is an enveloped XML signature over the root element: the
    Reference URI matches the ID attribute of md:EntityDescriptor. It uses
    exclusive canonicalization and the RSA-SHA256 signature method.
  * md:SPSSODescriptor describes the service provider role. It sets
    WantAssertionsSigned="true", publishes one signing and one encryption
    KeyDescriptor, the transient NameID format, and two AssertionConsumerService
    endpoints (HTTP-POST at index 0, marked default, and PAOS at index 1).

  NOTE(review): the reference DigestMethod is SHA-1 while the SignatureMethod is
  RSA-SHA256. A consumer that enforces a minimum digest strength should check how
  it treats this document.
  NOTE(review): the X509Certificate inside ds:KeyInfo is delivered in the same
  document it signs, so it cannot establish trust on its own. Verify the signature
  against a certificate obtained and pinned separately.

  This comment is placed outside the root element, so it is not part of the
  signed md:EntityDescriptor.
-->
<md:EntityDescriptor ID="Mc106d5b14b70a4945fa270d8b52d0ed" entityID="https://iam.myhuaweicloud.com" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#Mc106d5b14b70a4945fa270d8b52d0ed">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <ds:DigestValue>GmS+Nvta/AvNy4fE7dFID5D+P1U=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>ljRL...</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIC...</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <md:SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIC...</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIC...</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://iam.myhuaweicloud.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST" index="0" isDefault="true" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://iam.myhuaweicloud.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP" index="1" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </md:SPSSODescriptor>
</md:EntityDescriptor>

Status Codes

Status Code

Description

200

The request is successful.

500

Internal server error.

503

Service unavailable.

Error Codes

None