Creating External Identity Provider Configurations
Function
This API is used to create configurations for an external identity provider. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
URI
POST /v1/identity-stores/{identity_store_id}/external-idp
Parameter | Mandatory | Type | Description |
---|---|---|---|
identity_store_id | Yes | String | Globally unique ID of an identity source. |
Request Parameters
Parameter | Mandatory | Type | Description |
---|---|---|---|
X-Security-Token | No | String | Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
idp_saml_metadata | No | String | SAML metadata of an identity provider. Either the SAML settings or the SAML metadata of an identity provider must be configured. |
idp_certificate | No | String | Identity provider certificate, which is used together with the identity provider's SAML settings. |
idp_saml_config | No | idp_saml_config object | SAML settings of an identity provider. Either the SAML settings or the SAML metadata of an identity provider must be configured. |
Response Parameters
Status code: 201
Parameter | Type | Description |
---|---|---|
hws_sp_saml_config | SPSAMLConfig object | Service provider configuration. |
idp_certificate_id | String | Globally unique ID of an identity provider certificate. |
idp_certificate_ids | Array of strings | List of globally unique IDs of identity provider certificates. |
idp_id | String | Globally unique ID of an external identity provider. |
Parameter | Type | Description |
---|---|---|
acs_url | String | Response address of a service provider's assertion. |
issuer | String | Service provider issuer. |
metadata | String | Service provider metadata. |
Status code: 400
Parameter | Type | Description |
---|---|---|
error_code | String | Error code. |
error_msg | String | Error message. |
request_id | String | Unique ID of a request. |
Status code: 403
Parameter | Type | Description |
---|---|---|
error_code | String | Error code. |
error_msg | String | Error message. |
request_id | String | Unique ID of a request. |
encoded_authorization_message | String | Encrypted error message. |
Example Request
Creating configurations for an external identity provider
POST https://{hostname}/v1/identity-stores/{identity_store_id}/external-idp

{
  "idp_saml_metadata" : "<?xml version=\"1.0\" encoding=\"utf-8\"?><EntityDescriptor ID=\"_678cd4a8-4915-4e2d-a4ce-6*************cd/saml2\" /></IDPSSODescriptor></EntityDescriptor>"
}
Example Response
Status code: 201
Successful
{
  "hws_sp_saml_config" : {
    "acs_url" : "https://cn-north-4-signin.huaweicloud.com/v1/platform/saml/acs/xxxxxxx",
    "issuer" : "https://cn-north-4.signin.huaweicloud.com/platform/saml/xxxxxx",
    "metadata" : "<?xml version=\"1.0\" encoding=\"UTF-8\"?>xxxxxxx</md:EntityDescriptor>"
  },
  "idp_certificate_id" : "553523a6-ebde-4570-xxxxxxx",
  "idp_certificate_ids" : [ "553523a6-ebde-4570-xxxxxxx" ],
  "idp_id" : "a48e3f1b-59f8-4b8f-xxxxxxx"
}
Status Codes
Status Code | Description |
---|---|
201 | Successful. |
400 | Bad request. |
403 | Forbidden. |
Error Codes
For details, see Error Codes.