Update local SAML signing keys.
POST
/api/admin/saml-settings/local-signing
Code sample: Shell / cURL
curl --request POST \ --url https://auth.example.com/api/admin/saml-settings/local-signing \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data '{ "role": "idp", "action": "publish_next" }'Creates, publishes, promotes, deletes, or retires tenant-local SAML signing keys for the IdP or SP role and returns the updated SAML settings.
Authorizations
Section titled “Authorizations ”Request Body required
Section titled “Request Body required ” Media type application/json
object
role
required
string
action
required
string
certificateSubject
object
key
additional properties
certificateSubjectAlternativeNames
Array<string>
keepPreviousAsBackup
boolean
targetKid
string
targetKeyRef
string
validFrom
integer
validTo
integer
publicKeyAlgorithm
string
publicKeySizeBits
integer
Example
{ "role": "idp", "action": "publish_next"}Responses
Section titled “ Responses ”Successful JSON response.
Media type application/json
object
tenantId
required
string
entityIdStyle
required
string
interactiveLoginUrlPolicy
required
string
certificateSubject
object
key
additional properties
certificateSubjectAlternativeNames
Array<string>
signingKeyPolicies
object
key
additional properties
metadata
required
object
key
additional properties
localSigning
required
object
key
additional properties
generated
required
object
issuerUrl
required
string format: uri
idpEntityId
required
string
spEntityId
required
string
idpMetadataUrl
required
string format: uri
spMetadataUrl
required
string format: uri
key
additional properties
Example
{ "tenantId": "tenant_123", "entityIdStyle": "tenant_path", "interactiveLoginUrlPolicy": "tenant_login_url", "certificateSubject": { "commonName": "Authrim SAML" }, "certificateSubjectAlternativeNames": [], "signingKeyPolicies": {}, "metadata": { "publicationEnabled": true }, "localSigning": { "certificateSubject": { "commonName": "Authrim SAML" }, "certificateSubjectAlternativeNames": [], "idpSigningKeyPolicy": {}, "spSigningKeyPolicy": {} }, "generated": { "issuerUrl": "https://auth.example.com", "idpEntityId": "https://auth.example.com/saml/idp/metadata", "spEntityId": "https://auth.example.com/saml/sp/metadata", "idpMetadataUrl": "https://auth.example.com/saml/idp/metadata", "spMetadataUrl": "https://auth.example.com/saml/sp/metadata" }}