Create external IdP

Prev Next

Available in Classic and VPC

Create an external SAML IdP.

Request

This section describes the request format. The method and URI are as follows:

Method URI
POST /api/v1/tenant/saml-idp

Request headers

For information about the headers common to all Ncloud Single Sign-On APIs, see Ncloud Single Sign-On request headers.

Request body

You can include the following data in the body of your request:

Field Type Required Description
signRequest Boolean Optional Whether to sign AuthnRequest
  • true | false
    • true: sign
    • false: not sign
idpSigninUrl String Required Login URL of the IdP to which the user is redirected when logging in through SSO
  • 1-1000 characters
idpIssuerUrl String Required URL used as the issuer for SAML login
  • 1-1000 characters
idpCert String Required Public certificate of the IdP used to verify the signature of the SAML login
  • 1-2000 characters
signRequestAlgorithm String Conditional Hash algorithm used to sign SAML requests
  • Required when signRequest is true
  • SHA-1 | SHA-256
    • SHA-1: SHA-1 hash algorithm
    • SHA-256: SHA-256 hash algorithm
signResponseAlgorithm String Required Hash algorithm used to sign SAML responses
  • SHA-1 | SHA-256
    • SHA-1: SHA-1 hash algorithm
    • SHA-256: SHA-256 hash algorithm
protocolBinding String Required Protocol binding used for SAML login
  • HTTP-POST | HTTP-REDIRECT
    • HTTP-POST: Method of sending a SAML message by including it in the body of an HTTP-POST request
    • HTTP-REDIRECT: Method of sending a SAML message as a URL query parameter via an HTTP-GET request

Request example

The request example is as follows:

curl --location --request POST 'https://sso.apigw.ntruss.com/api/v1/tenant/saml-idp' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--data '{
    "idpSigninUrl": "https://portal.sso.ap-southeast-2.amazonaws.com/saml/assertion/MDUwNzUy****************************ZTU0NTkx",
    "idpIssuerUrl": "https://portal.sso.ap-southeast-2.amazonaws.com/saml/assertion/MDUwNzUy****************************ZTU0NTkx",
    "idpCert" : "{Certificate}",
    "signResponseAlgorithm" : "SHA-1",
    "protocolBinding" : "HTTP-POST"
}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field Type Required Description
success Boolean - API processing result
  • true | false
    • true: succeeded
    • false: failed
message String - Result message
  • Displayed if success is false

Response status codes

For information about the response status codes common to all Ncloud Single Sign-On APIs, see Ncloud Single Sign-On response status codes.

Response example

The response example is as follows:

{
    "success": true
}