identity_providers

Creates, updates, deletes, gets or lists an identity_providers resource.

Overview

| Property | Value |
|---|---|
| Name | identity_providers |
| Type | Resource |
| Id | sumologic.saml.identity_providers |

Fields

The following fields are returned by SELECT queries:

A list of SAML configurations in the organization.

| Name | Datatype | Description |
|---|---|---|
| id | string | Unique identifier of the SAML Identity Provider. (example: 00000000361130F7) |
| assertionConsumerUrl | string | The URL on Sumo Logic where the IdP will redirect to with its authentication response. (example: https://service.sumologic.com/sumo/saml/consume/9483922, default: ) |
| authnRequestUrl | string | The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. (example: https://www.okta.com/app/sumologic/abxcseyuiwelflkdjh/sso/saml, default: ) |
| certificate | string | Authentication Request Signing Certificate for the user. |
| configurationName | string | Name of the SSO policy or another name used to describe the policy internally. (example: SumoLogic) |
| createdAt | string (date-time) | Creation timestamp in UTC in RFC3339 format. (example: 2018-10-16T09:10:00Z) |
| createdBy | string | Identifier of the user who created the resource. (example: 0000000006743FDD) |
| debugMode | boolean | True if additional details are included when a user fails to sign in. |
| disableRequestedAuthnContext | boolean | True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. |
| emailAttribute | string | The email address of the new user account. (example: attribute/subject, default: ) |
| entityId | string | A unique identifier that is the intended audience of the SAML assertion. (example: https://service.sumologic.com/sumo/saml/9483922, default: ) |
| isRedirectBinding | boolean | True if the SAML binding is of HTTP Redirect type. |
| issuer | string | The unique URL assigned to the organization by the SAML Identity Provider. (example: http://www.okta.com/abxcseyuiwelflkdjh) |
| logoutEnabled | boolean | True if users are redirected to a URL after signing out of Sumo Logic. |
| logoutUrl | string | The URL that users will be redirected to after signing out of Sumo Logic. (example: https://www.sumologic.com, default: ) |
| modifiedAt | string (date-time) | Last modification timestamp in UTC. (example: 2018-10-16T09:10:00Z) |
| modifiedBy | string | Identifier of the user who last modified the resource. (example: 0000000006743FE8) |
| onDemandProvisioningEnabled | object | |
| rolesAttribute | string | The role that Sumo Logic will assign to users when they sign in. (example: Sumo_Role, default: ) |
| signAuthnRequest | boolean | True if Sumo Logic will send signed Authn requests to the identity provider. |
| spInitiatedLoginEnabled | boolean | True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. |
| spInitiatedLoginPath | string | This property has been deprecated and is no longer used. (example: http://www.okta.com/abxcseyuiwelflkdjh, default: ) |
| x509cert1 | string | The certificate is used to verify the signature in SAML assertions. |
| x509cert2 | string | The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. (default: ) |
| x509cert3 | string | The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. (default: ) |

Methods

The following methods are available for this resource:

| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
| getIdentityProviders | select | region | | Get a list of all SAML configurations in the organization. |
| createIdentityProvider | insert | region, data__configurationName, data__issuer, data__x509cert1 | | Create a new SAML configuration in the organization. |
| deleteIdentityProvider | delete | id, region | | Delete a SAML configuration with the given identifier from the organization. |
| updateIdentityProvider | exec | id, region, configurationName, issuer, x509cert1 | | Update an existing SAML configuration in the organization. |

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

| Name | Datatype | Description |
|---|---|---|
| id | string | Identifier of the SAML configuration to update. |
| region | string | SumoLogic region (enum: [us2, au, ca, de, eu, fed, in, jp], default: us2) |

SELECT examples

Get a list of all SAML configurations in the organization.

SELECT
id,
assertionConsumerUrl,
authnRequestUrl,
certificate,
configurationName,
createdAt,
createdBy,
debugMode,
disableRequestedAuthnContext,
emailAttribute,
entityId,
isRedirectBinding,
issuer,
logoutEnabled,
logoutUrl,
modifiedAt,
modifiedBy,
onDemandProvisioningEnabled,
rolesAttribute,
signAuthnRequest,
spInitiatedLoginEnabled,
spInitiatedLoginPath,
x509cert1,
x509cert2,
x509cert3
FROM sumologic.saml.identity_providers
WHERE region = '{{ region }}' -- required
;
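An added example, not part of the provider documentation: a review of the rows this SELECT returns for settings a defender would want to know about (debug output on sign-in failure, unsigned AuthnRequests, no backup signing certificate, non-HTTPS endpoints). It assumes the rows were exported as JSON objects keyed by the field names above; the sample rows, ids and function names are constructed for illustration.

```python
import json
from urllib.parse import urlparse

# Constructed sample rows keyed by this resource's field names (not real data).
SAMPLE_ROWS = json.loads("""[
 {"id": "EXAMPLE-IDP-1", "issuer": "http://idp.example.com/abc",
  "debugMode": false, "spInitiatedLoginEnabled": true, "signAuthnRequest": true,
  "authnRequestUrl": "https://idp.example.com/sso/saml",
  "logoutEnabled": false, "logoutUrl": "",
  "x509cert1": "CONSTRUCTED-CERT-A", "x509cert2": "CONSTRUCTED-CERT-B", "x509cert3": ""},
 {"id": "EXAMPLE-IDP-2", "issuer": "http://idp.example.com/def",
  "debugMode": "true", "spInitiatedLoginEnabled": true, "signAuthnRequest": false,
  "authnRequestUrl": "http://idp.example.com/sso/saml",
  "logoutEnabled": true, "logoutUrl": "https://www.example.com",
  "x509cert1": "CONSTRUCTED-CERT-C", "x509cert2": "", "x509cert3": ""}
]""")

def as_bool(value):
    """Assumption: booleans may arrive as JSON booleans or as 'true'/'false' text."""
    if isinstance(value, str):
        return value.strip().lower() in ("true", "1")
    return bool(value)

def is_https(url):
    return urlparse(url or "").scheme == "https"

def audit_idp(row):
    """Return hardening findings for one identity_providers row."""
    findings = []
    if as_bool(row.get("debugMode")):
        findings.append("debugMode is on: failed sign-ins include additional details")
    # AuthnRequests are only sent when SP-initiated login is enabled.
    if as_bool(row.get("spInitiatedLoginEnabled")) and not as_bool(row.get("signAuthnRequest")):
        findings.append("signAuthnRequest is off: AuthnRequests go out unsigned")
    if not (row.get("x509cert2") or row.get("x509cert3")):
        findings.append("no backup certificate for when x509cert1 expires")
    if row.get("authnRequestUrl") and not is_https(row["authnRequestUrl"]):
        findings.append("authnRequestUrl is not https")
    if as_bool(row.get("logoutEnabled")) and not is_https(row.get("logoutUrl")):
        findings.append("logoutEnabled is on but logoutUrl is not https")
    # issuer is not checked: it is an identifier, and the page's own example is http://.
    return findings

def audit(rows):
    """Map each IdP id to its findings, omitting clean configurations."""
    return {r["id"]: f for r in rows if (f := audit_idp(r))}

if __name__ == "__main__":
    for idp_id, findings in audit(SAMPLE_ROWS).items():
        print(idp_id, *findings, sep="\n  - ")
```
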

INSERT examples

Create a new SAML configuration in the organization.

INSERT INTO sumologic.saml.identity_providers (
data__spInitiatedLoginPath,
data__configurationName,
data__issuer,
data__spInitiatedLoginEnabled,
data__authnRequestUrl,
data__x509cert1,
data__x509cert2,
data__x509cert3,
data__onDemandProvisioningEnabled,
data__rolesAttribute,
data__logoutEnabled,
data__logoutUrl,
data__emailAttribute,
data__debugMode,
data__signAuthnRequest,
data__disableRequestedAuthnContext,
data__isRedirectBinding,
region
)
SELECT
'{{ spInitiatedLoginPath }}',
'{{ configurationName }}' /* required */,
'{{ issuer }}' /* required */,
{{ spInitiatedLoginEnabled }},
'{{ authnRequestUrl }}',
'{{ x509cert1 }}' /* required */,
'{{ x509cert2 }}',
'{{ x509cert3 }}',
'{{ onDemandProvisioningEnabled }}',
'{{ rolesAttribute }}',
{{ logoutEnabled }},
'{{ logoutUrl }}',
'{{ emailAttribute }}',
{{ debugMode }},
{{ signAuthnRequest }},
{{ disableRequestedAuthnContext }},
{{ isRedirectBinding }},
'{{ region }}'
RETURNING
id,
assertionConsumerUrl,
authnRequestUrl,
certificate,
configurationName,
createdAt,
createdBy,
debugMode,
disableRequestedAuthnContext,
emailAttribute,
entityId,
isRedirectBinding,
issuer,
logoutEnabled,
logoutUrl,
modifiedAt,
modifiedBy,
onDemandProvisioningEnabled,
rolesAttribute,
signAuthnRequest,
spInitiatedLoginEnabled,
spInitiatedLoginPath,
x509cert1,
x509cert2,
x509cert3
;

DELETE examples

Delete a SAML configuration with the given identifier from the organization.

DELETE FROM sumologic.saml.identity_providers
WHERE id = '{{ id }}' --required
AND region = '{{ region }}' --required
;

Lifecycle Methods

Update an existing SAML configuration in the organization.

EXEC sumologic.saml.identity_providers.updateIdentityProvider
@id='{{ id }}', --required
@region='{{ region }}' --required
@@json=
'{
"spInitiatedLoginPath": "{{ spInitiatedLoginPath }}",
"configurationName": "{{ configurationName }}",
"issuer": "{{ issuer }}",
"spInitiatedLoginEnabled": {{ spInitiatedLoginEnabled }},
"authnRequestUrl": "{{ authnRequestUrl }}",
"x509cert1": "{{ x509cert1 }}",
"x509cert2": "{{ x509cert2 }}",
"x509cert3": "{{ x509cert3 }}",
"onDemandProvisioningEnabled": "{{ onDemandProvisioningEnabled }}",
"rolesAttribute": "{{ rolesAttribute }}",
"logoutEnabled": {{ logoutEnabled }},
"logoutUrl": "{{ logoutUrl }}",
"emailAttribute": "{{ emailAttribute }}",
"debugMode": {{ debugMode }},
"signAuthnRequest": {{ signAuthnRequest }},
"disableRequestedAuthnContext": {{ disableRequestedAuthnContext }},
"isRedirectBinding": {{ isRedirectBinding }}
}'
;