Type Alias CreateSAMLPayload

Payload for creating a SAML compatible identity provider.

/**
 * Payload for creating a SAML compatible identity provider.
 *
 * `options` and `pendingOptions` share one shape. This page does not state
 * when each of the two is applied.
 */
type CreateSAMLPayload = {
    // Required fields.
    interactive: boolean;
    protocol: "SAML";
    provider: "okta" | "generic" | "adfs" | "azureAD";

    // Optional top-level settings.

    /**
     * Tolerance for clock skew between the IdP and Qlik's login server.
     * NOTE(review): the unit is presumably seconds (from the name) — confirm.
     * A larger tolerance also lengthens the period in which an old assertion
     * would still be accepted, so keep it close to the skew actually observed.
     */
    clockToleranceSec?: number;
    // NOTE(review): not described on this page; the name suggests accounts are
    // created on first login — confirm, and review which IdP users can reach it.
    createNewUsersOnLogin?: boolean;
    description?: string;
    postLogoutRedirectUri?: string;
    // NOTE(review): not described on this page. The name suggests a verification
    // step is skipped when true — confirm which one before ever setting it.
    skipVerify?: boolean;
    tenantIds?: string[];

    options?: {
        /** Toggle to allow IdP initiated login by the SAML IdP. */
        allowIdpInitiatedLogin?: boolean;
        certificates?: CertificateInfo[];
        claimsMapping: ClaimsMappingSAML;
        entityId?: string;
        metadata?: {
            /** The IDP metadata XML in base64-encoded format. */
            raw: string;
        };
        nameIdFormat?:
            | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
            | "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
            | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
        signOnUrl?: string;
    };

    // Same shape as `options`.
    pendingOptions?: {
        /** Toggle to allow IdP initiated login by the SAML IdP. */
        allowIdpInitiatedLogin?: boolean;
        certificates?: CertificateInfo[];
        claimsMapping: ClaimsMappingSAML;
        entityId?: string;
        metadata?: {
            /** The IDP metadata XML in base64-encoded format. */
            raw: string;
        };
        nameIdFormat?:
            | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
            | "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
            | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
        signOnUrl?: string;
    };
}
Index

Properties

clockToleranceSec?: number

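The clocks of the IdP and Qlik's login server can differ (clock skew). A tolerance can be set to allow for this; keep it close to the skew actually observed, because a larger tolerance also lengthens the time during which an old assertion would still be accepted.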

createNewUsersOnLogin?: boolean
description?: string
interactive: boolean
options?: {
    allowIdpInitiatedLogin?: boolean;
    certificates?: CertificateInfo[];
    claimsMapping: ClaimsMappingSAML;
    entityId?: string;
    metadata?: { raw: string };
    nameIdFormat?:
        | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
        | "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
        | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
    signOnUrl?: string;
}

Type Declaration

  • Optional allowIdpInitiatedLogin?: boolean

    Toggle to allow IdP-initiated login by the SAML IdP. An IdP-initiated response is unsolicited, so it cannot be matched to a login request issued by the service provider; enable this only when the IdP integration requires it.

  • Optional certificates?: CertificateInfo[]
  • claimsMapping: ClaimsMappingSAML
  • Optional entityId?: string
  • Optional metadata?: { raw: string }
    • raw: string

      The IdP metadata XML in base64-encoded format.

  • Optional nameIdFormat?:
        | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
        | "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
        | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
  • Optional signOnUrl?: string
pendingOptions?: {
    allowIdpInitiatedLogin?: boolean;
    certificates?: CertificateInfo[];
    claimsMapping: ClaimsMappingSAML;
    entityId?: string;
    metadata?: { raw: string };
    nameIdFormat?:
        | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
        | "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
        | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
    signOnUrl?: string;
}

Type Declaration

  • Optional allowIdpInitiatedLogin?: boolean

    Toggle to allow IdP-initiated login by the SAML IdP. An IdP-initiated response is unsolicited, so it cannot be matched to a login request issued by the service provider; enable this only when the IdP integration requires it.

  • Optional certificates?: CertificateInfo[]
  • claimsMapping: ClaimsMappingSAML
  • Optional entityId?: string
  • Optional metadata?: { raw: string }
    • raw: string

      The IdP metadata XML in base64-encoded format.

  • Optional nameIdFormat?:
        | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
        | "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
        | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
  • Optional signOnUrl?: string
postLogoutRedirectUri?: string
protocol: "SAML"
provider: "okta" | "generic" | "adfs" | "azureAD"
skipVerify?: boolean
tenantIds?: string[]