Identity and Access Management SAML API, gRPC: FederationService.Create
Creates a federation in the specified folder.
gRPC request
rpc Create (CreateFederationRequest) returns (operation.Operation)
CreateFederationRequest
{
"folder_id": "string",
"name": "string",
"description": "string",
"cookie_max_age": "google.protobuf.Duration",
"auto_create_account_on_login": "bool",
"issuer": "string",
"sso_binding": "BindingType",
"sso_url": "string",
"security_settings": {
"encrypted_assertions": "bool"
},
"case_insensitive_name_ids": "bool"
}
Field |
Description |
folder_id |
string ID of the folder to create a federation in. |
name |
string Name of the federation. |
description |
string Description of the federation. |
cookie_max_age |
Browser cookie lifetime in seconds. |
auto_create_account_on_login |
bool Add new users automatically on successful authentication. If the value is |
issuer |
string Required field. ID of the IdP server to be used for authentication. |
sso_binding |
enum BindingType Single sign-on endpoint binding type. Most Identity Providers support the SAML Binding is a mapping of a SAML protocol message onto standard messaging
|
sso_url |
string Required field. Single sign-on endpoint URL. |
security_settings |
Federation security settings. |
case_insensitive_name_ids |
bool Use case insensitive Name IDs. |
FederationSecuritySettings
Federation security settings.
Field |
Description |
encrypted_assertions |
bool Enable encrypted assertions. |
operation.Operation
{
"id": "string",
"description": "string",
"created_at": "google.protobuf.Timestamp",
"created_by": "string",
"modified_at": "google.protobuf.Timestamp",
"done": "bool",
"metadata": {
"federation_id": "string"
},
// Includes only one of the fields `error`, `response`
"error": "google.rpc.Status",
"response": {
"id": "string",
"folder_id": "string",
"name": "string",
"description": "string",
"created_at": "google.protobuf.Timestamp",
"cookie_max_age": "google.protobuf.Duration",
"auto_create_account_on_login": "bool",
"issuer": "string",
"sso_binding": "BindingType",
"sso_url": "string",
"security_settings": {
"encrypted_assertions": "bool"
},
"case_insensitive_name_ids": "bool"
}
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
Field |
Description |
id |
string ID of the operation. |
description |
string Description of the operation. 0-256 characters long. |
created_at |
Creation timestamp. |
created_by |
string ID of the user or service account who initiated the operation. |
modified_at |
The time when the Operation resource was last modified. |
done |
bool If the value is |
metadata |
Service-specific metadata associated with the operation. |
error |
The error result of the operation in case of failure or cancellation. Includes only one of the fields The operation result. |
response |
The normal response of the operation in case of success. Includes only one of the fields The operation result. |
CreateFederationMetadata
Field |
Description |
federation_id |
string ID of the federation that is being created. |
Federation
A federation.
For more information, see SAML-compatible identity federations.
Field |
Description |
id |
string Required field. ID of the federation. |
folder_id |
string Required field. ID of the folder that the federation belongs to. |
name |
string Required field. Name of the federation. |
description |
string Description of the federation. |
created_at |
Creation timestamp. |
cookie_max_age |
Browser cookie lifetime in seconds. |
auto_create_account_on_login |
bool Add new users automatically on successful authentication. If the value is |
issuer |
string Required field. ID of the IdP server to be used for authentication. |
sso_binding |
enum BindingType Single sign-on endpoint binding type. Most Identity Providers support the SAML Binding is a mapping of a SAML protocol message onto standard messaging
|
sso_url |
string Required field. Single sign-on endpoint URL. |
security_settings |
Federation security settings. |
case_insensitive_name_ids |
bool Use case insensitive Name IDs. |
FederationSecuritySettings
Federation security settings.
Field |
Description |
encrypted_assertions |
bool Enable encrypted assertions. |