コンテンツにスキップ

Update local SAML signing keys.

POST
/api/admin/saml-settings/local-signing
Code sample: Shell / cURL
curl --request POST \
--url https://auth.example.com/api/admin/saml-settings/local-signing \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{ "role": "idp", "action": "publish_next" }'

Creates, publishes, promotes, deletes, or retires tenant-local SAML signing keys for the IdP or SP role and returns the updated SAML settings.

Media type application/json
object
role
required
string
Allowed values: idp sp
action
required
string
Allowed values: recreate_active publish_next promote_next retire_backup delete_next
certificateSubject
object
key
additional properties
certificateSubjectAlternativeNames
Array<string>
keepPreviousAsBackup
boolean
targetKid
string
targetKeyRef
string
validFrom
integer
validTo
integer
publicKeyAlgorithm
string
Allowed values: RSA
publicKeySizeBits
integer
Example
{
"role": "idp",
"action": "publish_next"
}

Successful JSON response.

Media type application/json
object
tenantId
required
string
entityIdStyle
required
string
interactiveLoginUrlPolicy
required
string
certificateSubject
object
key
additional properties
certificateSubjectAlternativeNames
Array<string>
signingKeyPolicies
object
key
additional properties
metadata
required
object
key
additional properties
localSigning
required
object
key
additional properties
generated
required
object
issuerUrl
required
string format: uri
idpEntityId
required
string
spEntityId
required
string
idpMetadataUrl
required
string format: uri
spMetadataUrl
required
string format: uri
key
additional properties
Example
{
"tenantId": "tenant_123",
"entityIdStyle": "tenant_path",
"interactiveLoginUrlPolicy": "tenant_login_url",
"certificateSubject": {
"commonName": "Authrim SAML"
},
"certificateSubjectAlternativeNames": [],
"signingKeyPolicies": {},
"metadata": {
"publicationEnabled": true
},
"localSigning": {
"certificateSubject": {
"commonName": "Authrim SAML"
},
"certificateSubjectAlternativeNames": [],
"idpSigningKeyPolicy": {},
"spSigningKeyPolicy": {}
},
"generated": {
"issuerUrl": "https://auth.example.com",
"idpEntityId": "https://auth.example.com/saml/idp/metadata",
"spEntityId": "https://auth.example.com/saml/sp/metadata",
"idpMetadataUrl": "https://auth.example.com/saml/idp/metadata",
"spMetadataUrl": "https://auth.example.com/saml/sp/metadata"
}
}