Rest spec and documentation#54664
Conversation
This change adds the spec for the new REST APIs that we introduce for the IDP and documentation for each of the APIs. The documentation pages are intentionally not included in the API reference so as to minimize unnecessary exposure. supersedes: elastic#53858
jkakavas
added
>docs
|
Pinging @elastic/es-security (:Security/Security) |
|
Pinging @elastic/es-docs (>docs) |
|
@elasticmachine test this please |
| This API generates a SAML Response message that should be sent to a Service Provider as part of an | ||
| IDP initiated or SP initiated SAML Single Sign On. This API expects the caller to present | ||
| credentials for the user that the SAML Response will be created for as "Secondary Authentication" | ||
| using the `es-secondary-authorization` HTTP Request header. |
There was a problem hiding this comment.
FYI, @lcawl is working on some generic docs for secondary authentication, which we can link to when they're ready.
x-pack/plugin/identity-provider/docs/en/rest-api/idp-saml-init.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/plugin/identity-provider/docs/en/rest-api/idp-saml-init.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/plugin/identity-provider/docs/en/rest-api/idp-saml-init.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/plugin/identity-provider/docs/en/rest-api/idp-saml-metadata.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/plugin/identity-provider/docs/en/rest-api/idp-saml-register-sp.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/plugin/identity-provider/docs/en/rest-api/idp-saml-register-sp.asciidoc
Outdated
Show resolved
Hide resolved
| (Required, string) A name to identify this service provider. Used only for informational purposes | ||
|
|
||
| `entity_id`:: | ||
| (Required, string) The SAML entity Id of the service provider. |
There was a problem hiding this comment.
This isn't required.
If it is not set, it will be populated from the URL parameter.
If it is set, it must match the URL parameter.
x-pack/plugin/identity-provider/src/test/resources/rest-api-spec/api/idp.saml_get_metadata.json
Show resolved
Hide resolved
Co-Authored-By: Tim Vernum <tim@adjective.org>
|
ping @tvernum |
|
cc @elastic/es-clients heads up, new API's incoming 😄 |
|
@Mpdreamz / @elastic/es-clients this is intentionally kept separate from the rest spec as we don't want our clients to support this cloud internal functionality. |
|
Cool, the need private API;s for this has been discussed previously: #38413 (comment) but voted against. I do think we need a |
| `entity_id`:: | ||
| (Required, string) The SAML entity Id of the service provider. | ||
| (Optional, string) The SAML entity Id of the service provider. If not set, it will be populated with the value from the URL parameter. | ||
| If set, it musth match the value that is passed in the URL parameter. |
There was a problem hiding this comment.
| If set, it musth match the value that is passed in the URL parameter. | |
| If set, it must match the value that is passed in the URL parameter. |
| ] | ||
| }, | ||
| "params": { | ||
| "acs": { ... } |
There was a problem hiding this comment.
My use of ... was just a placeholder - I think this should be populated with something meaningful.
There was a problem hiding this comment.
Meh , I did a two step process of 1) all the suggestions make sense and later 2) lets merge these and forgot to take care of this . Will adjust
There was a problem hiding this comment.
Suggestion to mark the stability of the specs as private. This signals to the language clients that these are internal APIs and not to be exposed. Current stability values supported are:
EDIT
Removed the suggestions. Appears "private" is now not a stability value in specs
|
@russcam there is no private option: See also previous discussion: #38413 (comment) As mentioned in my comment will discuss and fix this outside this PR then circle back to it. We'll need to update the json schema in the meantime. |
|
Ok @Mpdreamz. I would like to be involved in this discussion when it happens |
|
I think an |
|
Can I kindly ask that we continue the |
|
@elasticmachine update branch |
This change adds the spec for the new REST APIs that we introduce for the IDP and documentation for each of the APIs. The documentation pages are intentionally not included in the API reference so as to minimize unnecessary exposure. supersedes: elastic#53858
This change adds the spec for the new REST APIs that we introduce for the IDP and documentation for each of the APIs. The documentation pages are intentionally not included in the API reference so as to minimize unnecessary exposure. supersedes: elastic#53858
This change adds the spec for the new REST APIs that we introduce for the IDP and documentation for each of the APIs. The documentation pages are intentionally not included in the API reference so as to minimize unnecessary exposure. supersedes: #53858
This change adds the spec for the new REST APIs that we introduce for the IDP and documentation for each of the APIs. The documentation pages are intentionally not included in the API reference so as to minimize unnecessary exposure. supersedes: #53858
7 participants
This change adds the spec for the new REST APIs that we
introduce for the IDP and documentation for each of the APIs. The
documentation pages are intentionally not included in the API
reference so as to minimize unnecessary exposure.
supersedes: #53858