json.schema.security.client.samlSSOClientConfig.json Maven / Gradle / Ivy
{
"$id": "https://open-metadata.org/schema/security/client/samlSSOClientConfig.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "SamlSSOClientConfig",
"description": "SAML SSO client security configs.",
"type": "object",
"javaType": "org.openmetadata.catalog.security.client.SamlSSOClientConfig",
"definitions": {
"idp": {
"javaType": "org.openmetadata.catalog.type.IdentityProviderConfig",
"description": "This schema defines defines the identity provider config.",
"type": "object",
"properties": {
"entityId": {
"description": "Identity Provider Entity ID usually same as the SSO login URL.",
"type": "string"
},
"ssoLoginUrl": {
"description": "SSO Login URL.",
"type": "string"
},
"idpX509Certificate": {
"description": "X509 Certificate ",
"type": "string"
},
"authorityUrl": {
"description": "Authority URL to redirect the users on Sign In page",
"type": "string"
},
"nameId": {
"description": "Authority URL to redirect the users on Sign In page",
"type": "string",
"default": "urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"
}
},
"required": ["entityId", "ssoLoginUrl"],
"additionalProperties": false
},
"sp": {
"javaType": "org.openmetadata.catalog.type.ServiceProviderConfig",
"description": "This schema defines defines the identity provider config.",
"type": "object",
"properties": {
"entityId": {
"description": "Service Provider Entity ID.",
"type": "string"
},
"acs": {
"description": "Assertion Consumer URL.",
"type": "string"
},
"spX509Certificate": {
"description": "X509 Certificate ",
"type": "string"
},
"spPrivateKey": {
"description": "Sp Private Key for Signing and Encryption Only",
"type": "string"
},
"callback": {
"description": "Service Provider Entity ID usually same as the SSO login URL.",
"type": "string"
}
},
"additionalProperties": false,
"required": ["entityId", "acs", "callback"]
},
"security": {
"javaType": "org.openmetadata.catalog.type.SamlSecurityConfig",
"description": "This schema defines defines the security config for SAML.",
"type": "object",
"properties": {
"strictMode": {
"description": "Only accept valid signed and encrypted assertions if the relevant flags are set",
"type": "boolean",
"default": false
},
"validateXml": {
"description": "In case of strict mode whether to validate XML format.",
"type": "boolean",
"default": false
},
"tokenValidity": {
"description": "Validity for the JWT Token created from SAML Response",
"type": "integer",
"default": "3600"
},
"sendEncryptedNameId": {
"description": "Encrypt Name Id while sending requests from SP.",
"type": "boolean",
"default": false
},
"sendSignedAuthRequest": {
"description": "Sign the Authn Request while sending.",
"type": "boolean",
"default": false
},
"signSpMetadata": {
"description": "Want the Metadata of this SP to be signed.",
"type": "boolean",
"default": false
},
"wantMessagesSigned": {
"description": "SP requires the messages received to be signed.",
"type": "boolean",
"default": false
},
"wantAssertionsSigned": {
"description": "SP requires the assertions received to be signed.",
"type": "boolean",
"default": false
},
"wantAssertionEncrypted": {
"description": "SP requires the assertion received to be encrypted.",
"type": "boolean",
"default": false
},
"keyStoreFilePath": {
"description": "KeyStore File Path",
"type": "string"
},
"keyStoreAlias": {
"description": "KeyStore Alias",
"type": "string"
},
"keyStorePassword": {
"description": "KeyStore Password",
"type": "string"
}
},
"additionalProperties": false
}
},
"properties": {
"idp": {
"$ref": "#/definitions/idp"
},
"sp": {
"$ref": "#/definitions/sp"
},
"security": {
"$ref": "#/definitions/security"
},
"debugMode": {
"description": "Get logs from the Library in debug mode",
"type": "boolean",
"default": false
}
},
"additionalProperties": false,
"required": ["idp", "sp"]
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy