Boomi Platform API Reference (1.0.0) - AccountSSOConfig

AccountSSOConfig

The Account Single Sign-on Configuration object represents the single sign-on options for an account.

Note: The fields in this object correspond to the controls on the SSO Options tab of the Setup page.

Required Privileges

Read and Write access

  • API — Use the Boomi Platform API to access account data.
  • ACCOUNT_ADMIN — Account configuration and administration.

Retrieves an instance of an AccountSSOConfig object

Returns the Account Single Sign-on Configuration for the supplied account ID.

Authorizations:
basicAuth
path Parameters
id
required
string

Responses

Response Schema:
accountId
string

The account ID.

assertionEncryption
boolean
authnContext
string

PPT - (Default) Password Protected Transport, requires a username and password for authentication
UNSPECIFIED - Accepts any type of authentication

authnContextComparison
string

EXACT - The resulting authentication context in the authentication statement must be the exact match to at least one of the specified authentication contexts.
MINIMUM - The resulting authentication context in the authentication statement must be at least as strong (as deemed by the responder) as one of the specified authentication contexts.

certInfo
string

Metadata for the public certificate of the identity provider.

certificate
Array of strings <byte> [ items <byte> ]

Base64-encoded certificate bytes for the identity provider.

enabled
boolean

true — Enables single sign-on for the account.
false — Disables single sign-on for the account.

fedIdFromNameId
boolean

true — The federation ID is in the NameID element of the Subject element in the SAML Response document.
false — The federation ID is in the FEDERATION_ID Attribute element in the SAML Response document.

idpUrl
string

The URL of the identity provider's single sign-on service.

nameIdPolicy
string

TRANSIENT — Indicates that the content of the element is a non-constant and temporary value that should not assume any standard meaning; the identifier confirms a user is granted access without revealing the user's actual name or identity.
UNSPECIFIED — Indicates that the identity provider can interpret the NameID attribute; the identifier confirms a user is granted access and can reveal the user's real name or identity, depending on how the identity provider defines it.
Important: Entering any value other than TRANSIENT or UNSPECIFIED for the nameIdPolicy results in an exception.
As a service provider, the platform does not interpret the NameID value; a user is identified by comparing the NameID value with the Federation ID value.

signoutRedirectUrl
string

The URL to which the user is redirected after signing out of the platform.

Response samples

Content type
{
  "@type": "AccountSSOConfig",
  "certificate": "LSO...",
  "accountId": "account-123456",
  "enabled": true,
  "signoutRedirectUrl": "http://www.google.com",
  "certInfo": "test~~Sun~~OpenSSO~~null~~null~~US~~2018-01-12T19:19:39.000Z",
  "fedIdFromNameId": false,
  "nameIdPolicy": "TRANSIENT",
  "authnContext": "PPT",
  "authnContextComparison": "EXACT",
  "assertionEncryption": true
}

Modifies or updates an AccountSSOConfig object

Updates the Account Single Sign-on Configuration for the supplied account ID.

Authorizations:
basicAuth
path Parameters
id
required
string
Request Body schema:
optional
accountId
string

The account ID.

assertionEncryption
boolean
authnContext
string

PPT - (Default) Password Protected Transport, requires a username and password for authentication
UNSPECIFIED - Accepts any type of authentication

authnContextComparison
string

EXACT - The resulting authentication context in the authentication statement must be the exact match to at least one of the specified authentication contexts.
MINIMUM - The resulting authentication context in the authentication statement must be at least as strong (as deemed by the responder) as one of the specified authentication contexts.

certInfo
string

Metadata for the public certificate of the identity provider.

certificate
Array of strings <byte> [ items <byte> ]

Base64-encoded certificate bytes for the identity provider.

enabled
boolean

true — Enables single sign-on for the account.
false — Disables single sign-on for the account.

fedIdFromNameId
boolean

true — The federation ID is in the NameID element of the Subject element in the SAML Response document.
false — The federation ID is in the FEDERATION_ID Attribute element in the SAML Response document.

idpUrl
string

The URL of the identity provider's single sign-on service.

nameIdPolicy
string

TRANSIENT — Indicates that the content of the element is a non-constant and temporary value that should not assume any standard meaning; the identifier confirms a user is granted access without revealing the user's actual name or identity.
UNSPECIFIED — Indicates that the identity provider can interpret the NameID attribute; the identifier confirms a user is granted access and can reveal the user's real name or identity, depending on how the identity provider defines it.
Important: Entering any value other than TRANSIENT or UNSPECIFIED for the nameIdPolicy results in an exception.
As a service provider, the platform does not interpret the NameID value; a user is identified by comparing the NameID value with the Federation ID value.

signoutRedirectUrl
string

The URL to which the user is redirected after signing out of the platform.

Responses

Response Schema:
accountId
string

The account ID.

assertionEncryption
boolean
authnContext
string

PPT - (Default) Password Protected Transport, requires a username and password for authentication
UNSPECIFIED - Accepts any type of authentication

authnContextComparison
string

EXACT - The resulting authentication context in the authentication statement must be the exact match to at least one of the specified authentication contexts.
MINIMUM - The resulting authentication context in the authentication statement must be at least as strong (as deemed by the responder) as one of the specified authentication contexts.

certInfo
string

Metadata for the public certificate of the identity provider.

certificate
Array of strings <byte> [ items <byte> ]

Base64-encoded certificate bytes for the identity provider.

enabled
boolean

true — Enables single sign-on for the account.
false — Disables single sign-on for the account.

fedIdFromNameId
boolean

true — The federation ID is in the NameID element of the Subject element in the SAML Response document.
false — The federation ID is in the FEDERATION_ID Attribute element in the SAML Response document.

idpUrl
string

The URL of the identity provider's single sign-on service.

nameIdPolicy
string

TRANSIENT — Indicates that the content of the element is a non-constant and temporary value that should not assume any standard meaning; the identifier confirms a user is granted access without revealing the user's actual name or identity.
UNSPECIFIED — Indicates that the identity provider can interpret the NameID attribute; the identifier confirms a user is granted access and can reveal the user's real name or identity, depending on how the identity provider defines it.
Important: Entering any value other than TRANSIENT or UNSPECIFIED for the nameIdPolicy results in an exception.
As a service provider, the platform does not interpret the NameID value; a user is identified by comparing the NameID value with the Federation ID value.

signoutRedirectUrl
string

The URL to which the user is redirected after signing out of the platform.

Request samples

Content type
{}

Response samples

Content type
{
  "@type": "AccountSSOConfig",
  "certificate": "LSO...",
  "accountId": "account-123456",
  "enabled": true,
  "signoutRedirectUrl": "https://news.google.com",
  "certInfo": "test~~Sun~~OpenSSO~~null~~null~~US~~2018-01-12T19:19:39.000Z",
  "fedIdFromNameId": false,
  "nameIdPolicy": "TRANSIENT",
  "authnContext": "PPT",
  "authnContextComparison": "EXACT",
  "assertionEncryption": true
}
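
The following is an added example, not part of the Boomi reference: a Python check that reviews an already-retrieved AccountSSOConfig object and pre-validates an update body against the enumerated values listed in the schema above. The function names, finding labels and review policy (HTTPS-only URLs, encrypted assertions) are assumptions of this example, and the second sample object is constructed.

```python
from urllib.parse import urlparse

# Enumerated values exactly as listed in the schema on this page.
ALLOWED = {
    "nameIdPolicy": {"TRANSIENT", "UNSPECIFIED"},
    "authnContext": {"PPT", "UNSPECIFIED"},
    "authnContextComparison": {"EXACT", "MINIMUM"},
}
URL_FIELDS = ("idpUrl", "signoutRedirectUrl")

def invalid_fields(body):
    """Enumerated fields in an update body whose value the schema does not list."""
    return sorted(k for k, ok in ALLOWED.items() if k in body and body[k] not in ok)

def audit(config):
    """Review findings for one AccountSSOConfig object (policy is this example's)."""
    if not config.get("enabled"):
        return ["sso-disabled"]  # SSO is off, so the SAML settings are not in effect
    findings = [f"invalid-value:{k}" for k in invalid_fields(config)]
    if config.get("authnContext") == "UNSPECIFIED":
        findings.append("authn-context-any")  # page: accepts any type of authentication
    if not config.get("assertionEncryption"):
        # Assumption: false means assertions are accepted unencrypted.
        findings.append("assertions-not-encrypted")
    if not config.get("certificate"):
        findings.append("no-idp-certificate")
    for field in URL_FIELDS:
        url = config.get(field)  # absent fields are skipped, not flagged
        if url and urlparse(url).scheme.lower() != "https":
            findings.append(f"non-https-url:{field}")
    return findings

# The GET response sample from this page (certInfo omitted; it is not checked).
PAGE_SAMPLE = {
    "@type": "AccountSSOConfig", "certificate": "LSO...", "accountId": "account-123456",
    "enabled": True, "signoutRedirectUrl": "http://www.google.com",
    "fedIdFromNameId": False, "nameIdPolicy": "TRANSIENT", "authnContext": "PPT",
    "authnContextComparison": "EXACT", "assertionEncryption": True,
}
# Constructed object with weaker settings, for contrast.
WEAK_SAMPLE = {
    "enabled": True, "certificate": [], "idpUrl": "http://idp.example.test/sso",
    "signoutRedirectUrl": "https://portal.example.test/bye", "nameIdPolicy": "PERSISTENT",
    "authnContext": "UNSPECIFIED", "authnContextComparison": "MINIMUM",
    "assertionEncryption": False,
}

if __name__ == "__main__":
    for name, cfg in (("page sample", PAGE_SAMPLE), ("constructed", WEAK_SAMPLE)):
        print(name, audit(cfg))
```

Running `invalid_fields` on a proposed update body before sending it catches a nameIdPolicy value that the page says results in an exception.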

Deletes an AccountSSOConfig object

Deletes the Account Single Sign-on Configuration for the supplied account ID.

Authorizations:
basicAuth
path Parameters
id
required
string

Responses

Response samples

Content type
{
  "message": "Access denied due to insufficient permissions."
}

Retrieves multiple AccountSSOConfig objects by identifier

To learn more about bulk, refer to the topic Bulk GET operations.

Authorizations:
basicAuth
Request Body schema:
optional
Array of objects (BulkId)
type
string
Enum: "GET" "DELETE" "UPDATE" "CREATE"

Responses

Response Schema:
Array of objects
Array
required
object (AccountSSOConfig)
index
integer <int32>
id
string
statusCode
integer <int32>
errorMessage
string

Request samples

Content type
{
  "request": [
    {}
  ],
  "type": "GET"
}

Response samples

Content type
{
  "response": [
    {}
  ]
}