Skip to main content

Get Service Provider Configuration.



This API returns the details of an org's service provider auth configuration.



Service provider configuration for the tenant.

    enabled boolean

    Default value: false

    This determines whether or not the SAML authentication flow is enabled for an org

    bypassIdp boolean

    Default value: false

    This allows basic login with the parameter prompt=true. This is often toggled on when debugging SAML authentication setup. When false, only org admins with MFA-enabled can bypass the IDP.

    samlConfigurationValid boolean

    Default value: false

    This indicates whether or not the SAML configuration is valid.

    federationProtocolDetails object[]

    A list of the abstract implementations of the Federation Protocol details. Typically, this will include on SpDetails object and one IdpDetails object used in tandem to define a SAML integration between a customer's identity provider and a customer's SailPoint instance (i.e., the service provider).

  • Array [
  • oneOf
    role string

    Possible values: [SAML_IDP]

    Federation protocol role

    entityId string

    An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP).

    binding string

    Defines the binding used for the SAML flow. Used with IDP configurations.

    authContext string

    Specifies the SAML authentication method to use. Used with IDP configurations.

    logoutUrl string

    The IDP logout URL. Used with IDP configurations.

    includeAuthContext boolean

    Default value: false

    Determines if the configured AuthnContext should be used or the default. Used with IDP configurations.

    nameId string

    The name id format to use. Used with IDP configurations.

    jitConfiguration object
    enabled boolean

    Default value: false

    The indicator for just-in-time provisioning enabled

    sourceId string

    the sourceId that mapped to just-in-time provisioning configuration

    sourceAttributeMappings object

    A mapping of identity profile attribute names to SAML assertion attribute names

    property name* string

    a mapping of JIT source attributes to the SAML assertion attribute

    cert string

    The Base64-encoded certificate used by the IDP. Used with IDP configurations.

    loginUrlPost string

    The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations.

    loginUrlRedirect string

    The IDP Redirect URL. Used with IDP configurations.

    mappingAttribute string

    Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations.

    certificateExpirationDate string

    The expiration date extracted from the certificate.

    certificateName string

    The name extracted from the certificate.

  • ]