All Downloads are FREE. Search and download functionalities are using the official Maven repository.

json.schema.security.client.samlSSOClientConfig.json Maven / Gradle / Ivy

There is a newer version: 1.6.1
Show newest version
{
  "$id": "https://open-metadata.org/schema/security/client/samlSSOClientConfig.json",
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "SamlSSOClientConfig",
  "description": "SAML SSO client security configs.",
  "type": "object",
  "javaType": "org.openmetadata.catalog.security.client.SamlSSOClientConfig",
  "definitions": {
    "idp": {
      "javaType": "org.openmetadata.catalog.type.IdentityProviderConfig",
      "description": "This schema defines defines the identity provider config.",
      "type": "object",
      "properties": {
        "entityId": {
          "description": "Identity Provider Entity ID usually same as the SSO login URL.",
          "type": "string"
        },
        "ssoLoginUrl": {
          "description": "SSO Login URL.",
          "type": "string"
        },
        "idpX509Certificate": {
          "description": "X509 Certificate ",
          "type": "string"
        },
        "authorityUrl": {
          "description": "Authority URL to redirect the users on Sign In page",
          "type": "string"
        },
        "nameId": {
          "description": "Authority URL to redirect the users on Sign In page",
          "type": "string",
          "default": "urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"
        }
      },
      "required": ["entityId", "ssoLoginUrl"],
      "additionalProperties": false
    },
    "sp": {
      "javaType": "org.openmetadata.catalog.type.ServiceProviderConfig",
      "description": "This schema defines defines the identity provider config.",
      "type": "object",
      "properties": {
        "entityId": {
          "description": "Service Provider Entity ID.",
          "type": "string"
        },
        "acs": {
          "description": "Assertion Consumer URL.",
          "type": "string"
        },
        "spX509Certificate": {
          "description": "X509 Certificate ",
          "type": "string"
        },
        "spPrivateKey": {
          "description": "Sp Private Key for Signing and Encryption Only",
          "type": "string"
        },
        "callback": {
          "description": "Service Provider Entity ID usually same as the SSO login URL.",
          "type": "string"
        }
      },
      "additionalProperties": false,
      "required": ["entityId", "acs", "callback"]
    },
    "security": {
      "javaType": "org.openmetadata.catalog.type.SamlSecurityConfig",
      "description": "This schema defines defines the security config for SAML.",
      "type": "object",
      "properties": {
        "strictMode": {
          "description": "Only accept valid signed and encrypted assertions if the relevant flags are set",
          "type": "boolean",
          "default": false
        },
        "validateXml": {
          "description": "In case of strict mode whether to validate XML format.",
          "type": "boolean",
          "default": false
        },
        "tokenValidity": {
          "description": "Validity for the JWT Token created from SAML Response",
          "type": "integer",
          "default": "3600"
        },
        "sendEncryptedNameId": {
          "description": "Encrypt Name Id while sending requests from SP.",
          "type": "boolean",
          "default": false
        },
        "sendSignedAuthRequest": {
          "description": "Sign the Authn Request while sending.",
          "type": "boolean",
          "default": false
        },
        "signSpMetadata": {
          "description": "Want the Metadata of this SP to be signed.",
          "type": "boolean",
          "default": false
        },
        "wantMessagesSigned": {
          "description": "SP requires the messages received to be signed.",
          "type": "boolean",
          "default": false
        },
        "wantAssertionsSigned": {
          "description": "SP requires the assertions received to be signed.",
          "type": "boolean",
          "default": false
        },
        "wantAssertionEncrypted": {
          "description": "SP requires the assertion received to be encrypted.",
          "type": "boolean",
          "default": false
        },
        "keyStoreFilePath": {
          "description": "KeyStore File Path",
          "type": "string"
        },
        "keyStoreAlias": {
          "description": "KeyStore Alias",
          "type": "string"
        },
        "keyStorePassword": {
          "description": "KeyStore Password",
          "type": "string"
        }
      },
      "additionalProperties": false
    }
  },
  "properties": {
    "idp": {
      "$ref": "#/definitions/idp"
    },
    "sp": {
      "$ref": "#/definitions/sp"
    },
    "security": {
      "$ref": "#/definitions/security"
    },
    "debugMode": {
      "description": "Get logs from the Library in debug mode",
      "type": "boolean",
      "default": false
    }
  },
  "additionalProperties": false,
  "required": ["idp", "sp"]
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy