Axway · Schema
IdentityProvider
IdentityProvider schema from Axway Amplify Platform API
API ManagementEnterpriseIntegrationSecurity
Properties
| Name | Type | Description |
|---|---|---|
| _id | string | Document ID of the Identity Provider. |
| description | string | Description of the Identity Provider. |
| guid | string | `guid` of the Identity Provider. |
| name | string | Name of Identity Provider |
| orgs | array | Organizations associated to this Identity Provider and their user associations. |
| protocol | string | Protocol the Identity Provider uses. |
| provider_guid | string |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://api-evangelist.com/schemas/axway/amplify-platform-identity-provider-schema.json",
"title": "IdentityProvider",
"description": "IdentityProvider schema from Axway Amplify Platform API",
"type": "object",
"properties": {
"_id": {
"type": "string",
"description": "Document ID of the Identity Provider.",
"deprecated": true,
"example": "507f1f77bcf86cd799439011"
},
"description": {
"type": "string",
"description": "Description of the Identity Provider.",
"example": "An example description"
},
"guid": {
"type": "string",
"format": "uuid",
"description": "`guid` of the Identity Provider.",
"example": "example_value"
},
"name": {
"type": "string",
"description": "Name of Identity Provider",
"example": "Example Name"
},
"orgs": {
"type": "array",
"description": "Organizations associated to this Identity Provider and their user associations.",
"default": [],
"items": {
"type": "object",
"required": [
"guid",
"default_roles",
"default_teams",
"mapped_roles",
"mapped_teams"
],
"additionalProperties": false,
"properties": {
"case_insensitive_mapped_roles": {
"type": "boolean",
"description": "Whether to match returned mapped attribute values to expected attribute values without letter case sensitivity."
},
"default_roles": {
"type": "array",
"description": "Array of role identifiers that are assigned to newly provisioned users in the Organization.",
"items": {
"type": "string",
"enum": [
"administrator",
"developer",
"auditor",
"consumer",
"usage_reporter",
"api_central_admin"
]
}
},
"default_teams": {
"type": "array",
"description": "Array of teams to assign newly provisioned users in the Organization.",
"default": [],
"items": {
"type": "object",
"required": [
"guid",
"roles"
],
"additionalProperties": false,
"properties": {
"guid": {
"type": "string",
"format": "uuid",
"description": "`guid` of the team within the Organization the assign newly provisioned users."
},
"roles": {
"type": "array",
"description": "Array of role identifiers that are assigned to newly provisioned users in the team.",
"items": {
"type": "string",
"enum": [
"consumer",
"subscription_admin",
"developer",
"catalog_manager",
"subscription_approver",
"api_access",
"insights",
"administrator",
"marketplace_admin"
]
}
}
}
}
},
"enforce_mapped_roles": {
"type": "boolean",
"description": "Whether to restrict organization role management solely to mapped IdP attributes. Any organization role(s) that a user has that does not match to an associated mapper (or the Default Organization Roles) will be removed on subsequent sign in."
},
"enforce_mapped_teams": {
"type": "boolean",
"description": "Whether to restrict team membership and role management solely to mapped IdP attributes. Any team memberships or roles that a user has that does not match to an associated mapper will be removed on subsequent sign in."
},
"guid": {
"type": "string",
"format": "uuid",
"description": "`guid` of the Organization the Identity Provider is associated to."
},
"mapped_roles": {
"type": "array",
"description": "Array of role identifiers to assign users in the Organization based on attributes defined by the Identity Provider.",
"default": [],
"items": {
"type": "object",
"required": [
"value",
"roles"
],
"additionalProperties": false,
"properties": {
"friendly": {
"type": "string",
"description": "Friendly name of the attribute provided by the SAML Identity Provider."
},
"name": {
"type": "string",
"description": "Name of the attribute provided by the Identity Provider."
},
"roles": {
"type": "array",
"description": "Array of role identifiers to be assigned to matching users in the Organization.",
"items": {
"type": "string",
"enum": [
"administrator",
"developer",
"auditor",
"consumer",
"usage_reporter",
"api_central_admin"
]
}
},
"value": {
"type": "string",
"description": "Value of the named attribute to determine whether to apply the role."
}
}
}
},
"mapped_teams": {
"type": "array",
"description": "Array of teams to assign users in the Organization based on attributes defined by the Identity Provider.",
"default": [],
"items": {
"type": "object",
"required": [
"team_guid",
"value",
"roles"
],
"additionalProperties": false,
"properties": {
"friendly": {
"type": "string",
"description": "Friendly name of the attribute provided by the SAML Identity Provider."
},
"name": {
"type": "string",
"description": "Name of the attribute provided by the Identity Provider."
},
"roles": {
"type": "array",
"description": "Array of role identifiers to be assigned to matching users in the team.",
"items": {
"type": "string",
"enum": [
"consumer",
"subscription_admin",
"developer",
"catalog_manager",
"subscription_approver",
"api_access",
"insights",
"administrator",
"marketplace_admin"
]
}
},
"team_guid": {
"type": "string",
"format": "uuid",
"description": "`guid` of the team within the Organization the assign matching users."
},
"value": {
"type": "string",
"description": "Value of the named attribute to determine whether to apply the team association."
}
}
}
},
"provision_adhoc": {
"type": "boolean",
"description": "Whether to automatically register users who authenticate using the Identity Provider that are not on an associated claimed email domain as members of the organization.",
"default": false
},
"restrict_domain_users": {
"type": "boolean",
"description": "Whether to automatically restrict users provisioned via domain association to authenticate using the Identity Provider.",
"default": false
}
}
},
"example": [
{
"case_insensitive_mapped_roles": true,
"default_roles": [
"administrator"
],
"default_teams": [
{
"guid": "example_value",
"roles": [
"consumer"
]
}
],
"enforce_mapped_roles": true,
"enforce_mapped_teams": true,
"guid": "example_value",
"mapped_roles": [
{
"friendly": "example_value",
"name": "Example Name",
"roles": [
"administrator"
],
"value": "example_value"
}
],
"mapped_teams": [
{
"friendly": "example_value",
"name": "Example Name",
"roles": [
"consumer"
],
"team_guid": "example_value",
"value": "example_value"
}
],
"provision_adhoc": true,
"restrict_domain_users": true
}
]
},
"protocol": {
"type": "string",
"description": "Protocol the Identity Provider uses.",
"enum": [
"oidc",
"saml"
],
"example": "oidc"
},
"provider_guid": {
"type": "string",
"example": "example_value"
}
},
"required": [
"guid",
"name",
"protocol"
]
}