IdentityProvidersInfo

The Providers.Info structure contains the information about an identity provider.

Properties

boolean

is_default Required

Specifies whether the provider is the default provider.

array of string

org_ids Required

The set of orgIds as part of SDDC creation which provides the basis for tenancy

IdentityProvidersConfigType Enum

config_tag Required

The config type of the identity provider

Possible values are: Oauth2 , Oidc

IdentityProvidersActiveDirectoryOverLdap

active_directory_over_ldap Optional

Identity management configuration. This field is optional and it is only relevant when the value of Providers.Info.idm-protocol is LDAP.

string

groups_claim Optional

Specifies which claim provides the group membership for the token subject. If empty, the default behavior for CSP is used. In this case, the groups for the subject will be comprised of the groups in ‘group_names’ and ‘group_ids’ claims. This field is optional because it was added in a newer version than its parent node.

array of string as uri

idm_endpoints Optional

Identity management endpoints. This field is optional and it is only relevant when the value of Providers.Info.idm-protocol is one of REST, SCIM, or SCIM2_0.

IdentityProvidersIdmProtocol Enum

idm_protocol Optional

Communication protocol to the identity management endpoints. This field is optional because it was added in a newer version than its parent node.

Possible values are: REST , SCIM , SCIM2_0 , LDAP

array of string

domain_names Optional

Set of fully qualified domain names to trust when federating with this identity provider. Tokens from this identity provider will only be validated if the user belongs to one of these domains, and any domain-qualified groups in the tokens will be filtered to include only those groups that belong to one of these domains. If domainNames is an empty set, domain validation behavior at login with this identity provider will be as follows: the user’s domain will be parsed from the User Principal Name (UPN) value that is found in the tokens returned by the identity provider. This domain will then be implicitly trusted and used to filter any groups that are also provided in the tokens. This field is optional because it was added in a newer version than its parent node.

string

name Optional

The user friendly name for the provider This field is optional because it was added in a newer version than its parent node.

IdentityProvidersOauth2Info

oauth2 Optional

OAuth2 Info This field is optional and it is only relevant when the value of Providers.Info.config-tag is Oauth2.

IdentityProvidersOidcInfo

oidc Optional

OIDC Info This field is optional and it is only relevant when the value of Providers.Info.config-tag is Oidc.

map of string

auth_query_params Optional

key/value pairs that are to be appended to the authEndpoint request.

How to append to authEndpoint request: If the map is not empty, a “?” is added to the endpoint URL, and combination of each k and each string in the v is added with an “&” delimiter. Details: - If the value contains only one string, then the key is added with “k=v”. - If the value is an empty list, then the key is added without a “=v”. - If the value contains multiple strings, then the key is repeated in the query-string for each string in the value.

This field is optional because it was added in a newer version than its parent node.

string

upn_claim Optional

Specifies which claim provides the user principal name (UPN) for the user. This field is optional because it was added in a newer version than its parent node.

JSON Example

Show optional properties

{
    "config_tag": "enum",
    "is_default": false,
    "org_ids": [
        "string"
    ]
}

{
    "active_directory_over_ldap": {
        "cert_chain": {
            "cert_chain": [
                "string"
            ]
        },
        "groups_base_dn": "string",
        "password": "string",
        "server_endpoints": [
            "string"
        ],
        "user_name": "string",
        "users_base_dn": "string"
    },
    "auth_query_params": {
        "key": "string"
    },
    "config_tag": "enum",
    "domain_names": [
        "string"
    ],
    "groups_claim": "string",
    "idm_endpoints": [
        "string"
    ],
    "idm_protocol": "enum",
    "is_default": false,
    "name": "string",
    "oauth2": {
        "auth_endpoint": "string",
        "auth_query_params": {
            "key": "string"
        },
        "authentication_method": "enum",
        "client_id": "string",
        "client_secret": "string",
        "issuer": "string",
        "public_key_uri": "string",
        "token_endpoint": "string"
    },
    "oidc": {
        "auth_endpoint": "string",
        "auth_query_params": {
            "key": "string"
        },
        "authentication_method": "enum",
        "client_id": "string",
        "client_secret": "string",
        "discovery_endpoint": "string",
        "issuer": "string",
        "logout_endpoint": "string",
        "public_key_uri": "string",
        "token_endpoint": "string"
    },
    "org_ids": [
        "string"
    ],
    "upn_claim": "string"
}

Returned By

Get Providers

IdentityProvidersInfo

Properties

JSON Example

Returned By

Was this page helpful?