Identity Provider
The identity provider object defines an external authorization provider to access through SAML.
The IDP object defines the URL to the metadata or, if that isn't available, the metadata XML blob itself. This is used to define the security features of the IDP and DRP relationship.
Additionally, fields can be used to customize the user experience.
LogoPath
| Defines URL or DRP files icon for display by the UX.
DisplayName
| String to display with the logo.
Once identity has been confirmed, the IDP object defines how the user should be added to the system and what access that user is allowed.
Field | Definition |
---|---|
DefaultRole | DefaultRole - defines the default role to give these users |
DenyIfNoGroups | DenyIfNoGroups - defines if the auth should fail if no groups are found in the GroupAttribute |
Description | Description is a string for providing a simple description |
DisplayName | DisplayName - The name to display to user |
Documentation | Documentation is a string for providing additional in depth information. |
GroupAttribute | GroupAttribute - specifies the attribute in the Assertions to use as group memberships |
GroupToRoles | GroupToRoles - defines the group names that map to DRP Roles |
LogoPath | LogoPath - The path on DRP or the URL to the logo icon |
Meta | Meta contains the metadata of the object. The type of this field is a key/value map (dictionary). The key type is string. The value type is also string. The general content of the field is undefined and can be an arbitrary store. There are some common known keys: color - The color the UX uses when displaying; icon - The icon the UX uses when displaying; title - The UX uses this for additional display information, often the source of the object. Specific object types use additional metadata fields. These are described at: https://docs.rackn.io/stable/redirect/?ref=rs_object_metadata |
MetaDataBlob | MetaDataBlob - String form of the metadata - instead of MetaDataUrl |
MetaDataUrl | MetaDataUrl - URL to get the metadata for this IdP - instead of MetaDataBlob |
Name | Name is the name of this identity provider. Required: true |
UserAttribute | UserAttribute - specifies the attribute in the Assertions to use as username |
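
The following added example (not DRP's own code) models how UserAttribute, GroupAttribute, GroupToRoles, DefaultRole and DenyIfNoGroups could combine into an access decision for an assertion that has already been verified. The field types, the attribute shape, the rule that DefaultRole applies only when no group maps to a role, and all sample values are assumptions.

```python
from dataclasses import dataclass, field

class AuthDenied(Exception):
    """The assertion does not satisfy the identity provider object's rules."""

@dataclass
class IdentityProvider:
    # Field names come from the table above; the Python types are assumptions.
    Name: str
    UserAttribute: str
    GroupAttribute: str
    GroupToRoles: dict = field(default_factory=dict)  # assumed: group -> [role, ...]
    DefaultRole: str = ""
    DenyIfNoGroups: bool = False

def resolve_login(idp, attributes):
    """Map the attributes of an already-verified assertion to (username, roles).

    `attributes` is assumed to be {attribute name: [string values]}.
    """
    names = attributes.get(idp.UserAttribute, [])
    if len(names) != 1 or not names[0]:
        raise AuthDenied("UserAttribute missing or ambiguous")
    groups = attributes.get(idp.GroupAttribute, [])
    if not groups and idp.DenyIfNoGroups:
        raise AuthDenied("no groups found in GroupAttribute")  # fail closed
    roles = set()
    for group in groups:
        # Exact-match lookup; groups with no mapping grant nothing.
        roles.update(idp.GroupToRoles.get(group, []))
    if not roles and idp.DefaultRole:
        roles.add(idp.DefaultRole)  # assumed: fallback only when nothing mapped
    if not roles:
        raise AuthDenied("no role could be assigned")
    return names[0], sorted(roles)

# Constructed sample object and assertion attributes (all values are made up).
SAMPLE_IDP = IdentityProvider(
    Name="example-idp", UserAttribute="email", GroupAttribute="groups",
    GroupToRoles={"drp-operators": ["ops-role"]}, DefaultRole="readonly-role",
    DenyIfNoGroups=True)
WITH_GROUP = {"email": ["alice@example.com"], "groups": ["drp-operators"]}
NO_GROUPS = {"email": ["bob@example.com"]}

if __name__ == "__main__":
    print(resolve_login(SAMPLE_IDP, WITH_GROUP))
```

In this model a user whose groups are present but unmapped still receives DefaultRole even with DenyIfNoGroups set, so DefaultRole is best kept to the least privilege any authenticated IdP user should hold.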