Description
The editSAMLServer operation handles configuration related to the SAMLServer model.
HTTP request
PUT /api/fdm/v6/object/samlservers/{objId}
Data Parameters
Parameter | Required | Type | Description
---|---|---|---
version | False | string | A unique string version assigned by the system when the object is created or modified. No assumption can be made on the format or content of this identifier. The identifier must be provided whenever attempting to modify/delete an existing object. As the version will change every time the object is modified, the value provided in this identifier must match exactly what is present in the system or the request will be rejected.
name | False | string | A String object containing the name of the SAML object. The string can be up to a maximum of 128 characters.
description | False | string | Description of object; no more than 200 characters. Field level constraints: length must be between 0 and 200 (inclusive), must match pattern ^((?!;).)*$. (Note: Additional constraints might exist)
samlIssuerURL | True | string | URL/IP address at which the SAML provider will provide metadata. Some SAML providers present this URL as "Entity ID". Length should be no less than 4 and no more than 256. Field level constraints: cannot be null, length must be between 4 and 256 (inclusive). (Note: Additional constraints might exist)
signInURL | True | string | URL/IP address at which the SAML provider will accept incoming requests to authenticate a user. Length should be no less than 4 and no more than 500. Field level constraints: cannot be null, length must be between 4 and 500 (inclusive). (Note: Additional constraints might exist)
signOutURL | True | string | (Optional) URL/IP address at which the SAML provider will accept incoming requests to log out. Length should be no less than 4 and no more than 500. Field level constraints: length must be between 4 and 500 (inclusive). (Note: Additional constraints might exist)
samlIssuerCert | True | object | Trusted CA certificate provided by SAML provider. Field level constraints: cannot be null. (Note: Additional constraints might exist) Allowed types are: [ExternalCACertificate]
ftdCert | False | object | (Optional) Trusted CA certificate provided to the SAML provider. Allowed types are: [InternalCertificate]
requestTimeout | False | integer | (Optional) If specified, this configuration overrides NotOnOrAfter if the sum of NotBefore and timeout-in-seconds is earlier than NotOnOrAfter. Minimum value is 1, maximum value is 7200. If set to null, NotBefore and NotOnOrAfter in the assertion are used to determine the validity. Field level constraints: must be between 1 and 7200 (inclusive). (Note: Additional constraints might exist)
serverOnInternalNetwork | False | boolean | (Optional) Flag indicating the SAML provider is on an inside network. If set to true, the sensor works in a gateway mode. Default value is false.
reAuthAtLogin | False | boolean | Require users to re-authenticate when logging into the SAML Server.
signatureType | False | string | (Optional) Type of algorithm to use when signing outgoing SAML requests. Valid values are: SHA1, SHA256, SHA384 or SHA512. Set to null to not sign.
id | False | string | UUID. Field level constraints: must match pattern ^((?!;).)*$. (Note: Additional constraints might exist)
type | True | string | samlserver
Path Parameters
Parameter | Required | Type | Description
---|---|---|---
objId | True | string |
Example
curl -X PUT \
--header "Accept: application/json" \
--header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Content-Type: application/json" \
-d '{
"description": "string",
"ftdCert": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"id": "string",
"name": "string",
"reAuthAtLogin": true,
"requestTimeout": 0,
"samlIssuerCert": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"samlIssuerURL": "string",
"serverOnInternalNetwork": true,
"signInURL": "string",
"signOutURL": "string",
"signatureType": "SHA1",
"type": "samlserver",
"version": "string"
}' \
"https://${HOST}:${PORT}/api/fdm/v6/object/samlservers/{objId}"
from bravado.requests_client import RequestsClient
from bravado.client import SwaggerClient


def get_client(host, token):
    http_client = RequestsClient()
    # TLS certificate verification is disabled here, so the bearer token and
    # the SAML configuration can be intercepted by anyone on the path. Set
    # ssl_verify to True, or to a CA bundle path, once the device certificate
    # chains to a CA you trust.
    http_client.ssl_verify = False
    # Send the access token as an Authorization header on every request.
    http_client.set_api_key(
        host,
        "Bearer {}".format(token),
        param_name="Authorization",
        param_in="header"
    )
    # Build the client from the API specification served by the device.
    return SwaggerClient.from_url(
        "https://{}/apispec/ngfw.json".format(host),
        http_client=http_client,
        config={
            "validate_responses": False,
            "validate_swagger_spec": False
        }
    )


def edit_saml_server(client, obj_id, body):
    # PUT /api/fdm/v6/object/samlservers/{objId}
    return client.SAMLServer.editSAMLServer(
        objId=obj_id,
        body=body
    ).response().result


if __name__ == "__main__":
    host = "ftd.example.com"
    token = "access_token"
    client = get_client(host, token)

    obj_id = "string"
    # "version" must match the value currently stored for the object,
    # otherwise the request is rejected.
    body = {'description': 'string',
            'ftdCert': {'id': 'string',
                        'name': 'string',
                        'type': 'string',
                        'version': 'string'},
            'id': 'string',
            'name': 'string',
            'reAuthAtLogin': True,
            'requestTimeout': 0,
            'samlIssuerCert': {'id': 'string',
                               'name': 'string',
                               'type': 'string',
                               'version': 'string'},
            'samlIssuerURL': 'string',
            'serverOnInternalNetwork': True,
            'signInURL': 'string',
            'signOutURL': 'string',
            'signatureType': 'SHA1',
            'type': 'samlserver',
            'version': 'string'}
    edit_saml_server(client, obj_id, body)
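
The field constraints in the Data Parameters table can be checked before the PUT is sent. The following is an added example, not code from the API documentation or the vendor: `validate_saml_body`, `weak_signing` and `assertion_expiry` are hypothetical helper names, and treating `signOutURL` as nullable is an assumption based on its row.

```python
import re
from datetime import timedelta

NO_SEMICOLON = re.compile(r"^((?!;).)*$")  # pattern quoted in the table
SIGNATURE_TYPES = {"SHA1", "SHA256", "SHA384", "SHA512"}
# field: (min length, max length, null allowed). signOutURL is treated as
# nullable (assumption) because its row omits "cannot be null".
URL_LIMITS = {"samlIssuerURL": (4, 256, False), "signInURL": (4, 500, False),
              "signOutURL": (4, 500, True)}

def validate_saml_body(body):
    """Return the names of fields that violate a documented constraint."""
    errors = []
    if body.get("type") != "samlserver":
        errors.append("type")
    if len(body.get("name") or "") > 128:
        errors.append("name")
    desc = body.get("description") or ""
    if len(desc) > 200 or not NO_SEMICOLON.match(desc):
        errors.append("description")
    for field, (lo, hi, nullable) in URL_LIMITS.items():
        value = body.get(field)
        if (value is None and not nullable) or (
                value is not None and not lo <= len(value) <= hi):
            errors.append(field)
    if body.get("samlIssuerCert") is None:
        errors.append("samlIssuerCert")
    timeout = body.get("requestTimeout")
    if timeout is not None and not 1 <= timeout <= 7200:
        errors.append("requestTimeout")
    sig = body.get("signatureType")
    if sig is not None and sig not in SIGNATURE_TYPES:
        errors.append("signatureType")
    return errors

def weak_signing(body):
    """True when requests would go unsigned (null) or be signed with SHA1."""
    return body.get("signatureType") in (None, "SHA1")

def assertion_expiry(not_before, not_on_or_after, request_timeout):
    """End of assertion validity once requestTimeout (seconds) is applied."""
    if request_timeout is None:
        return not_on_or_after
    return min(not_before + timedelta(seconds=request_timeout), not_on_or_after)

# Constructed sample modelled on the page's placeholder body.
SAMPLE = {"type": "samlserver", "name": "idp", "samlIssuerURL": "string",
          "signInURL": "string", "signOutURL": "string", "requestTimeout": 0,
          "samlIssuerCert": {"type": "string"}, "signatureType": "SHA1"}
```

With the sample, `validate_saml_body` reports `requestTimeout` (0 is below the minimum of 1) and `weak_signing` flags the SHA1 setting.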