IAM Service Provider:Process Generate Service Provider Metadata

Search (SHIFT+S)

ECS Management API

ECS Object Service API

ECS API Changes

Process Generate Service Provider Metadata

GET /ecs-service-provider/metadata

returns metadata for a service provider

Required Roles

Requires one of the following roles:

SYSTEM_ADMIN
SYSTEM_MONITOR
NAMESPACE_ADMIN

Response Body

Metadata for a service provider

Examples

Request

GET https://192.168.0.0::4443/ecs-service-provider/metadata
Accept: appliction/xml

Response

HTTP/1.1 200 OK
Content-Type: application/xml
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor ID="urn_ecs_25e0e516-a30f-49b0-bcbc-b2fb9ee96c90_webservices" entityID="urn:ecs:25e0e516-a30f-49b0-bcbc-b2fb9ee96c90:webservices" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDLDCCAhQ. . .</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat>
        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://127.0.0.1/saml" index="0"/>
    </md:SPSSODescriptor>
</md:EntityDescriptor>

Request

GET https://192.168.0.0::4443/ecs-service-provider/metadata
Accept: appliction/json
X-SDS-AUTH-TOKEN: <AUTH_TOKEN>

Response

*NOTE: metadata is returned as a string 
HTTP/1.1 200 OK
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor ID="urn_ecs_25e0e516-a30f-49b0-bcbc-. . .</md:EntityDescriptor>

Request

curl -H $token -H "Content-Type: application/xml" -X DELETE https://$nodeIp:4443/ecs-service-provider/metadata

Response

HTTP/1.1 200 OK
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor ID="urn_ecs_25e0e516-a30f-49b0-bcbc-b2fb9ee96c90_webservices" entityID="urn:ecs:25e0e516-a30f-49b0-bcbc-b2fb9ee96c90:webservices" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDLDCCAhQ. . .</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat>
        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://127.0.0.1/saml" index="0"/>
    </md:SPSSODescriptor>
</md:EntityDescriptor>