This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

An Identity Provider (IdP) is responsible for issuing identification information for users looking to interact with a system. We can add and configure such identity providers and link them with the Identity Server through the Identity Provider Management Service API.

This is exposed as a web service and the following operations are available.

The service contract of this admin service can be found at https://<IS_HOST>:<IS_PORT>/services/IdentityProviderMgtService?wsdl. Replace the tag <IS_HOST>:<IS_PORT> with the relevant host and port number, for example:  https://localhost:9443/services/IdentityProviderMgtService?wsdl.


Note: Prior to calling any of these admin services, you need to make them discoverable. See Calling Admin Services for information on how to do this.

addIdp

To add an Identity Provider, you should add some basic Identity Provider information and configuring claims, roles, federated authenticators, just-in-time provisioning information, and outbound provisioning connectors as seen in the request below. 

Permission Level: /permission/admin/manage

Request :

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org" xmlns:xsd="http://model.common.application.identity.carbon.wso2.org/xsd">   
   <soapenv:Header/>
   <soapenv:Body>      
      <mgt:addIdP>         
         <!--Optional:-->
         <mgt:identityProvider>
            <xsd:alias>https://localhost:9443/oauth2/token/</xsd:alias>
            <xsd:certificate>BASE64 encoded String goes here</xsd:certificate>
            <xsd:displayName>Sample IdP</xsd:displayName>
            <xsd:enable>true</xsd:enable>
            <xsd:federationHub>false</xsd:federationHub>
            <xsd:homeRealmId>-</xsd:homeRealmId>
            <xsd:identityProviderDescription>Sample Description</xsd:identityProviderDescription>
            <xsd:identityProviderName>TestIdP</xsd:identityProviderName>
            <xsd:primary>true</xsd:primary>
            <xsd:provisioningRole>-</xsd:provisioningRole>
         </mgt:identityProvider>
      </mgt:addIdP>
   </soapenv:Body>
</soapenv:Envelope>

Response:

None

In addition to the basic details for the IdP, it is also possible to include claims configuration, role configuration, federated authenticators, just-in-time provisioning information, and outbound provisioning connectors details to the addIdp request body. Properties related to those configurations are listed below. However, even without these details, an IdP can be added and updated later on.

Claim configuration

<xsd:claimConfig>
<localClaimDialect>true</localClaimDialect>
            <roleClaimURI>http://wso2.org/claims/role</roleClaimURI>
            <userClaimURI>http://wso2.org/claims/organization</userClaimURI>
</xsd:claimConfig>


When configuring advance claims to the custom claim dialect, the following parameters can be added to the <claimMappings> element. A sample <claimMappings> element configured with advance claim configurations is similiar to the following: 

<xsd:claimConfig>
<localClaimDialect>true</localClaimDialect>
            <roleClaimURI>http://wso2.org/claims/role</roleClaimURI>
            <userClaimURI>http://wso2.org/claims/organization</userClaimURI>
<claimMappings>
    <defaultValue>defaultVal</defaultValue>
    <localClaim>
        <claimUri>http://wso2.org/claims/title</claimUri>
    </localClaim>
    <remoteClaim>
        <claimUri>Role</claimUri>
    </remoteClaim>
    <requested>true</requested>
</claimMappings>
<claimMappings>
    <defaultValue>defaultVal</defaultValue>
    <localClaim>
        <claimUri>http://wso2.org/claims/emailaddress</claimUri>
    </localClaim>
    <remoteClaim>
        <claimUri>EmailID</claimUri>
    </remoteClaim>
    <requested>true</requested>
</claimMappings>
</xsd:claimConfig>

Just-in-time (JiT) provisioning

With Just-in-Time provisioning, you can create users on the fly without having to create user accounts in advance. To configure JiT provisioning, add the following snippet to the addIdp request body.

<xsd:justInTimeProvisioningConfig>
<xsd:provisioningEnabled>true</xsd:provisioningEnabled>
<xsd:provisioningUserStore>PRIMARY</xsd:provisioningUserStore>
<xsd:userStoreClaimUri>?</xsd:userStoreClaimUri>
</xsd:justInTimeProvisioningConfig>

Role configuration


<permissionAndRoleConfig xmlns="http://model.common.application.identity.carbon.wso2.org/xsd">
               <idpRoles>IDPRole</idpRoles>
               <roleMappings>
                  <localRole>
                     <localRoleName>Role1</localRoleName>
                  </localRole>
                  <remoteRole>IDPRole</remoteRole>
               </roleMappings>
</permissionAndRoleConfig>

Federated authenticator

The <federatedAuthenticatorConfigs> parameter can be used to configure zero or more federated authenticators. For sample federated authenticator configurations, see Federated Authenticator Configuration Samples.

 

Outbound provisioning connectors 
The <provisioningConnectorConfigs> parameter can be used to configure zero or more outbound provisioning connectors. For sample outbound provisioning connector configurations, see Outbound Provisioning Connectors Configuration Samples.


Parameter

Type

Description

enabled

boolean

Set 'true' to enable the provisioning connector.

name

String

Name of the connector.

provisioningProperties

Property

Zero or more properties related to the connector.

Attributes of the property are similar to properties mentioned in Federated Authenticators Configuration.

Contains: confidential, defaultValue, description, displayName, name, required, type value.


deleteIdp

To delete an identity provider, call the deleteIdp() operation. The IdP name should be included in the request.

Permission Level: /permission/admin/manage

Request:

<soapenv:Envelope
    xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:mgt="http://mgt.idp.carbon.wso2.org">
    <soapenv:Header/>
    <soapenv:Body>
        <mgt:deleteIdP>
            <!--Optional:-->
            <mgt:idPName>TestIDP</mgt:idPName>
        </mgt:deleteIdP>
    </soapenv:Body>
</soapenv:Envelope>


Response


None


getAllFederatedAuthenticators

The getAllFederatedAuthenticators() operation returns a detailed list of available federated authenticators in WSO2 Identity Server.

Permission Level: /permission/admin/manage

Request:

<soapenv:Envelope
    xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:mgt="http://mgt.idp.carbon.wso2.org">
    <soapenv:Header/>
    <soapenv:Body>
        <mgt:getAllFederatedAuthenticators/>
    </soapenv:Body>
</soapenv:Envelope>


Response:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <ns:getAllFederatedAuthenticatorsResponse xmlns:ns="http://mgt.idp.carbon.wso2.org" xmlns:ax2392="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:ax2390="http://common.application.identity.carbon.wso2.org/xsd">
         <ns:return xsi:type="ax2392:FederatedAuthenticatorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:displayName>facebook</ax2392:displayName>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>FacebookAuthenticator</ax2392:name>
            <ax2392:valid>true</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:FederatedAuthenticatorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:displayName>openidconnect</ax2392:displayName>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>OpenIDConnectAuthenticator</ax2392:name>
            <ax2392:valid>true</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:FederatedAuthenticatorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:displayName>microsoft(hotmail, msn, live)</ax2392:displayName>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>MicrosoftWindowsLive</ax2392:name>
            <ax2392:properties xsi:type="ax2392:Property">
               <ax2392:confidential>true</ax2392:confidential>
               <ax2392:defaultValue xsi:nil="true"/>
               <ax2392:description>Enter Microsoft Live client secret value</ax2392:description>
               <ax2392:displayName>Client Secret</ax2392:displayName>
               <ax2392:name>ClientSecret</ax2392:name>
               <ax2392:required>true</ax2392:required>
               <ax2392:type xsi:nil="true"/>
               <ax2392:value xsi:nil="true"/>
            </ax2392:properties>
            <ax2392:properties xsi:type="ax2392:Property">
               <ax2392:confidential>false</ax2392:confidential>
               <ax2392:defaultValue xsi:nil="true"/>
               <ax2392:description>Enter value corresponding to callback url.</ax2392:description>
               <ax2392:displayName>Callback Url</ax2392:displayName>
               <ax2392:name>windows-live-callback-url</ax2392:name>
               <ax2392:required>true</ax2392:required>
               <ax2392:type xsi:nil="true"/>
               <ax2392:value xsi:nil="true"/>
            </ax2392:properties>
            <ax2392:properties xsi:type="ax2392:Property">
               <ax2392:confidential>false</ax2392:confidential>
               <ax2392:defaultValue xsi:nil="true"/>
               <ax2392:description>Enter Microsoft Live client identifier value</ax2392:description>
               <ax2392:displayName>Client Id</ax2392:displayName>
               <ax2392:name>ClientId</ax2392:name>
               <ax2392:required>true</ax2392:required>
               <ax2392:type xsi:nil="true"/>
               <ax2392:value xsi:nil="true"/>
            </ax2392:properties>
            <ax2392:valid>true</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:FederatedAuthenticatorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:displayName>openid</ax2392:displayName>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>OpenIDAuthenticator</ax2392:name>
            <ax2392:valid>true</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:FederatedAuthenticatorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:displayName>google</ax2392:displayName>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>GoogleOpenIDAuthenticator</ax2392:name>
            <ax2392:valid>true</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:FederatedAuthenticatorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:displayName>yahoo</ax2392:displayName>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>YahooOpenIDAuthenticator</ax2392:name>
            <ax2392:valid>true</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:FederatedAuthenticatorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:displayName>samlsso</ax2392:displayName>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>SAMLSSOAuthenticator</ax2392:name>
            <ax2392:valid>true</ax2392:valid>
         </ns:return>
      </ns:getAllFederatedAuthenticatorsResponse>
   </soapenv:Body>
</soapenv:Envelope>

getAllIdPs

Use the getAlIdPs() operation to obtain a detailed list of Identity Providers registered in WSO2 Identity Server.

Permission Level: /permission/admin/login


Request


<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org">
   <soapenv:Header/>
   <soapenv:Body>
      <mgt:getAllIdPs/>
   </soapenv:Body>
</soapenv:Envelope>

Response

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <ns:getAllIdPsResponse xmlns:ns="http://mgt.idp.carbon.wso2.org" xmlns:ax2392="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:ax2390="http://common.application.identity.carbon.wso2.org/xsd">
         <ns:return xsi:type="ax2392:IdentityProvider" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:alias xsi:nil="true"/>
            <ax2392:certificate xsi:nil="true"/>
            <ax2392:claimConfig xsi:type="ax2392:ClaimConfig">
               <ax2392:alwaysSendMappedLocalSubjectId>false</ax2392:alwaysSendMappedLocalSubjectId>
               <ax2392:localClaimDialect>true</ax2392:localClaimDialect>
               <ax2392:roleClaimURI xsi:nil="true"/>
               <ax2392:userClaimURI xsi:nil="true"/>
            </ax2392:claimConfig>
            <ax2392:defaultAuthenticatorConfig xsi:nil="true"/>
            <ax2392:defaultProvisioningConnectorConfig xsi:nil="true"/>
            <ax2392:displayName xsi:nil="true"/>
            <ax2392:enable>true</ax2392:enable>
            <ax2392:federationHub>false</ax2392:federationHub>
            <ax2392:homeRealmId xsi:nil="true"/>
            <ax2392:identityProviderDescription xsi:nil="true"/>
            <ax2392:identityProviderName>TestIdP</ax2392:identityProviderName>
            <ax2392:justInTimeProvisioningConfig xsi:nil="true"/>
            <ax2392:permissionAndRoleConfig xsi:nil="true"/>
            <ax2392:primary>false</ax2392:primary>
            <ax2392:provisioningRole xsi:nil="true"/>
         </ns:return>
      </ns:getAllIdPsResponse>
   </soapenv:Body>
</soapenv:Envelope>

getAllLocalClaimURIs

Use the getAlILocalClaimUris() operation to obtain a list of local claim URIs available in IS.

Permission Level: /permission/admin/manage

Request

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org">
   <soapenv:Header/>
   <soapenv:Body>
      <mgt:getAllLocalClaimUris/>
   </soapenv:Body>
</soapenv:Envelope>

Response

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <ns:getAllLocalClaimUrisResponse xmlns:ns="http://mgt.idp.carbon.wso2.org" xmlns:ax2392="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:ax2390="http://common.application.identity.carbon.wso2.org/xsd">
         <ns:return>http://wso2.org/claims/otherphone</ns:return>
         <ns:return>http://wso2.org/claims/dob</ns:return>
         <ns:return>http://wso2.org/claims/primaryChallengeQuestion</ns:return>
         <ns:return>http://wso2.org/claims/role</ns:return>
         <ns:return>http://wso2.org/claims/challengeQuestion1</ns:return>
         <ns:return>http://wso2.org/claims/telephone</ns:return>
         <ns:return>http://wso2.org/claims/mobile</ns:return>
         <ns:return>http://wso2.org/claims/country</ns:return>
         <ns:return>http://wso2.org/claims/challengeQuestionUris</ns:return>
         <ns:return>http://wso2.org/claims/postalcode</ns:return>
         <ns:return>http://wso2.org/claims/challengeQuestion2</ns:return>
         <ns:return>http://wso2.org/claims/identity/accountLocked</ns:return>
         <ns:return>http://wso2.org/claims/nickname</ns:return>
         <ns:return>http://wso2.org/claims/streetaddress</ns:return>
         <ns:return>http://wso2.org/claims/url</ns:return>
         <ns:return>http://wso2.org/claims/givenname</ns:return>
         <ns:return>http://wso2.org/claims/emailaddress</ns:return>
         <ns:return>http://wso2.org/claims/oneTimePassword</ns:return>
         <ns:return>http://wso2.org/claims/region</ns:return>
         <ns:return>http://wso2.org/claims/gender</ns:return>
         <ns:return>http://wso2.org/claims/fullname</ns:return>
         <ns:return>http://wso2.org/claims/passwordTimestamp</ns:return>
         <ns:return>http://wso2.org/claims/title</ns:return>
         <ns:return>http://wso2.org/claims/locality</ns:return>
         <ns:return>http://wso2.org/claims/stateorprovince</ns:return>
         <ns:return>http://wso2.org/claims/im</ns:return>
         <ns:return>http://wso2.org/claims/organization</ns:return>
         <ns:return>http://wso2.org/claims/lastname</ns:return>
      </ns:getAllLocalClaimUrisResponse>
   </soapenv:Body>
</soapenv:Envelope>

getAllProvisioningConnectors

Use the getAlIProvisioningConnectors() operation to obtain a detailed list of Outbound Provisioning Connectors available in WSO2 Identity Server.


Permission Level: /permission/admin/manage

Request

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org">
   <soapenv:Header/>
   <soapenv:Body>
      <mgt:getAllProvisioningConnectors/>
   </soapenv:Body>
</soapenv:Envelope>

Response

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <ns:getAllProvisioningConnectorsResponse xmlns:ns="http://mgt.idp.carbon.wso2.org" xmlns:ax2392="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:ax2390="http://common.application.identity.carbon.wso2.org/xsd">
         <ns:return xsi:type="ax2392:ProvisioningConnectorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:blocking>false</ax2392:blocking>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>googleapps</ax2392:name>
            <ax2392:valid>false</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:ProvisioningConnectorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:blocking>false</ax2392:blocking>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>salesforce</ax2392:name>
            <ax2392:valid>false</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:ProvisioningConnectorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:blocking>false</ax2392:blocking>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>scim</ax2392:name>
            <ax2392:valid>false</ax2392:valid>
         </ns:return>
         <ns:return xsi:type="ax2392:ProvisioningConnectorConfig" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:blocking>false</ax2392:blocking>
            <ax2392:enabled>false</ax2392:enabled>
            <ax2392:name>spml</ax2392:name>
            <ax2392:valid>false</ax2392:valid>
         </ns:return>
      </ns:getAllProvisioningConnectorsResponse>
   </soapenv:Body>
</soapenv:Envelope>

getEnabledAllIdPs

Use the getEnabledAllIdPs() operation to obtain a detailed list of IdPs which are enabled in WSO2 Identity Server.

Permission Level: /permission/admin/manage

Request

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org">
   <soapenv:Header/>
   <soapenv:Body>
      <mgt:getEnabledAllIdPs/>
   </soapenv:Body>
</soapenv:Envelope>

Response

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <ns:getEnabledAllIdPsResponse xmlns:ns="http://mgt.idp.carbon.wso2.org" xmlns:ax2392="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:ax2390="http://common.application.identity.carbon.wso2.org/xsd">
         <ns:return xsi:type="ax2392:IdentityProvider" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:alias xsi:nil="true"/>
            <ax2392:certificate xsi:nil="true"/>
            <ax2392:claimConfig xsi:nil="true"/>
            <ax2392:defaultAuthenticatorConfig xsi:nil="true"/>
            <ax2392:defaultProvisioningConnectorConfig xsi:nil="true"/>
            <ax2392:displayName xsi:nil="true"/>
            <ax2392:enable>true</ax2392:enable>
            <ax2392:federationHub>false</ax2392:federationHub>
            <ax2392:homeRealmId xsi:nil="true"/>
            <ax2392:identityProviderDescription xsi:nil="true"/>
            <ax2392:identityProviderName>TestIdP</ax2392:identityProviderName>
            <ax2392:justInTimeProvisioningConfig xsi:nil="true"/>
            <ax2392:permissionAndRoleConfig xsi:nil="true"/>
            <ax2392:primary>false</ax2392:primary>
            <ax2392:provisioningRole xsi:nil="true"/>
         </ns:return>
      </ns:getEnabledAllIdPsResponse>
   </soapenv:Body>
</soapenv:Envelope>

getIdPByName

Use the getIdPByName operation to retrieve an identity provider by including the IdP name in the request. 

Permission Level: /permission/admin/manage

Request

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org">
   <soapenv:Header/>
   <soapenv:Body>
      <mgt:getIdPByName>
         <!--Optional:-->
         <mgt:idPName>TestIdP</mgt:idPName>
      </mgt:getIdPByName>
   </soapenv:Body>
</soapenv:Envelope>

Response

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <ns:getIdPByNameResponse xmlns:ns="http://mgt.idp.carbon.wso2.org">
         <ns:return xsi:type="ax2392:IdentityProvider" xmlns:ax2392="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:ax2390="http://common.application.identity.carbon.wso2.org/xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:alias>https://localhost:9443/oauth2/token/</ax2392:alias>
            <ax2392:certificate xsi:nil="true"/>
            <ax2392:claimConfig xsi:type="ax2392:ClaimConfig">
               <ax2392:alwaysSendMappedLocalSubjectId>false</ax2392:alwaysSendMappedLocalSubjectId>
               <ax2392:localClaimDialect>true</ax2392:localClaimDialect>
               <ax2392:roleClaimURI>http://wso2.org/claims/role</ax2392:roleClaimURI>
               <ax2392:userClaimURI>http://wso2.org/claims/organization</ax2392:userClaimURI>
            </ax2392:claimConfig>
            <ax2392:defaultAuthenticatorConfig xsi:nil="true"/>
            <ax2392:defaultProvisioningConnectorConfig xsi:nil="true"/>
            <ax2392:displayName xsi:nil="true"/>
            <ax2392:enable>true</ax2392:enable>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName>yahoo</ax2392:displayName>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>YahooOpenIDAuthenticator</ax2392:name>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName>openid</ax2392:displayName>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>OpenIDAuthenticator</ax2392:name>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>commonAuthQueryParams</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value xsi:nil="true"/>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>IsUserIdInClaims</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>false</ax2392:value>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>RealmId</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value xsi:nil="true"/>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>OpenIdUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/openid/</ax2392:value>
               </ax2392:properties>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName>passivests</ax2392:displayName>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>PassiveSTSAuthenticator</ax2392:name>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>commonAuthQueryParams</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value xsi:nil="true"/>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>IsUserIdInClaims</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>false</ax2392:value>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>RealmId</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value xsi:nil="true"/>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>PassiveSTSUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/passivests/</ax2392:value>
               </ax2392:properties>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName>google</ax2392:displayName>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>GoogleOpenIDAuthenticator</ax2392:name>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName>microsoft(hotmail,</ax2392:displayName>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>MicrosoftWindowsLive</ax2392:name>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>ClientSecret</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value/>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>windows-live-callback-url</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value/>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>ClientId</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value/>
               </ax2392:properties>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federationHub>false</ax2392:federationHub>
            <ax2392:homeRealmId xsi:nil="true"/>
            <ax2392:identityProviderDescription xsi:nil="true"/>
            <ax2392:identityProviderName>TestIdP</ax2392:identityProviderName>
            <ax2392:justInTimeProvisioningConfig xsi:type="ax2392:JustInTimeProvisioningConfig">
               <ax2392:provisioningEnabled>false</ax2392:provisioningEnabled>
               <ax2392:provisioningUserStore xsi:nil="true"/>
               <ax2392:userStoreClaimUri xsi:nil="true"/>
            </ax2392:justInTimeProvisioningConfig>
            <ax2392:permissionAndRoleConfig xsi:type="ax2392:PermissionsAndRoleConfig">
               <ax2392:idpRoles>IDPRole1</ax2392:idpRoles>
               <ax2392:roleMappings xsi:type="ax2392:RoleMapping">
                  <ax2392:localRole xsi:type="ax2392:LocalRole">
                     <ax2392:localRoleName>Role1</ax2392:localRoleName>
                     <ax2392:userStoreId xsi:nil="true"/>
                  </ax2392:localRole>
                  <ax2392:remoteRole>IDPRole1</ax2392:remoteRole>
               </ax2392:roleMappings>
            </ax2392:permissionAndRoleConfig>
            <ax2392:primary>false</ax2392:primary>
            <ax2392:provisioningRole>IDPRole1, IDPRole2</ax2392:provisioningRole>
         </ns:return>
      </ns:getIdPByNameResponse>
   </soapenv:Body>
</soapenv:Envelope>

getResidentIdP

Permission Level: /permission/admin/manage

Request

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org">
   <soapenv:Header/>
   <soapenv:Body>
      <mgt:getResidentIdP/>
   </soapenv:Body>
</soapenv:Envelope>

Response

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <ns:getResidentIdPResponse xmlns:ns="http://mgt.idp.carbon.wso2.org">
         <ns:return xsi:type="ax2392:IdentityProvider" xmlns:ax2392="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:ax2390="http://common.application.identity.carbon.wso2.org/xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ax2392:alias xsi:nil="true"/>
            <ax2392:certificate>MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44iQlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJRO4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=</ax2392:certificate>
            <ax2392:claimConfig xsi:type="ax2392:ClaimConfig">
               <ax2392:alwaysSendMappedLocalSubjectId>false</ax2392:alwaysSendMappedLocalSubjectId>
               <ax2392:localClaimDialect>false</ax2392:localClaimDialect>
               <ax2392:roleClaimURI xsi:nil="true"/>
               <ax2392:userClaimURI xsi:nil="true"/>
            </ax2392:claimConfig>
            <ax2392:defaultAuthenticatorConfig xsi:nil="true"/>
            <ax2392:defaultProvisioningConnectorConfig xsi:nil="true"/>
            <ax2392:displayName xsi:nil="true"/>
            <ax2392:enable>true</ax2392:enable>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName xsi:nil="true"/>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>openidconnect</ax2392:name>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>OAUTH2TokenUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/oauth2/token</ax2392:value>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>UserInfoUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/oauth2/userinfo</ax2392:value>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>OAuth2AuthzUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/oauth2/authz</ax2392:value>
               </ax2392:properties>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName xsi:nil="true"/>
               <ax2392:enabled>true</ax2392:enabled>
               <ax2392:name>samlsso</ax2392:name>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>LogoutReqUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/samlsso</ax2392:value>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>IdPEntityId</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>localhost</ax2392:value>
               </ax2392:properties>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>SSOUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/samlsso</ax2392:value>
               </ax2392:properties>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName xsi:nil="true"/>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>openid</ax2392:name>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>OpenIdUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/openid</ax2392:value>
               </ax2392:properties>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federatedAuthenticatorConfigs xsi:type="ax2392:FederatedAuthenticatorConfig">
               <ax2392:displayName xsi:nil="true"/>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>passivests</ax2392:name>
               <ax2392:properties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>PassiveSTSUrl</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/services/wso2carbon-sts</ax2392:value>
               </ax2392:properties>
               <ax2392:valid>true</ax2392:valid>
            </ax2392:federatedAuthenticatorConfigs>
            <ax2392:federationHub>false</ax2392:federationHub>
            <ax2392:homeRealmId>localhost</ax2392:homeRealmId>
            <ax2392:identityProviderDescription xsi:nil="true"/>
            <ax2392:identityProviderName>LOCAL</ax2392:identityProviderName>
            <ax2392:justInTimeProvisioningConfig xsi:type="ax2392:JustInTimeProvisioningConfig">
               <ax2392:provisioningEnabled>false</ax2392:provisioningEnabled>
               <ax2392:provisioningUserStore xsi:nil="true"/>
               <ax2392:userStoreClaimUri xsi:nil="true"/>
            </ax2392:justInTimeProvisioningConfig>
            <ax2392:permissionAndRoleConfig xsi:type="ax2392:PermissionsAndRoleConfig"/>
            <ax2392:primary>false</ax2392:primary>
            <ax2392:provisioningConnectorConfigs xsi:type="ax2392:ProvisioningConnectorConfig">
               <ax2392:blocking>false</ax2392:blocking>
               <ax2392:enabled>false</ax2392:enabled>
               <ax2392:name>scim</ax2392:name>
               <ax2392:provisioningProperties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>scimUserEndpoint</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/wso2/scim/Users</ax2392:value>
               </ax2392:provisioningProperties>
               <ax2392:provisioningProperties xsi:type="ax2392:Property">
                  <ax2392:confidential>false</ax2392:confidential>
                  <ax2392:defaultValue xsi:nil="true"/>
                  <ax2392:description xsi:nil="true"/>
                  <ax2392:displayName xsi:nil="true"/>
                  <ax2392:name>scimGroupEndpoint</ax2392:name>
                  <ax2392:required>false</ax2392:required>
                  <ax2392:type xsi:nil="true"/>
                  <ax2392:value>https://localhost:9443/wso2/scim/Groups</ax2392:value>
               </ax2392:provisioningProperties>
               <ax2392:valid>false</ax2392:valid>
            </ax2392:provisioningConnectorConfigs>
            <ax2392:provisioningRole xsi:nil="true"/>
         </ns:return>
      </ns:getResidentIdPResponse>
   </soapenv:Body>
</soapenv:Envelope>

updateIdP

The updateIdP() operation can be used to update an existing identity provider. The <oldIdPName> element is mandatory in the updateIdP request. All the other parameters in updateIdP request is similar to the parameters in addIdP request.

Permission Level: /permission/admin/manage

  Request

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org" xmlns:xsd="http://model.common.application.identity.carbon.wso2.org/xsd">
   <soapenv:Header/>
   <soapenv:Body>
      <mgt:updateIdP>
         <!--Optional:-->
         <mgt:oldIdPName>?</mgt:oldIdPName>
         <!--Optional:-->
         <mgt:identityProvider>
            <!--Optional:-->
            <xsd:alias>?</xsd:alias>
            <!--Optional:-->
            <xsd:certificate>?</xsd:certificate>
            <!--Optional:-->
            <xsd:claimConfig>...</xsd:claimConfig>
            <!--Optional:-->
            <xsd:defaultAuthenticatorConfig>...</xsd:defaultAuthenticatorConfig>
            <!--Optional:-->
            <xsd:defaultProvisioningConnectorConfig>...
            </xsd:defaultProvisioningConnectorConfig>
            <!--Optional:-->
            <xsd:displayName>?</xsd:displayName>
            <!--Optional:-->
            <xsd:enable>?</xsd:enable>
            <!--Zero or more repetitions:-->
            <xsd:federatedAuthenticatorConfigs>...</xsd:federatedAuthenticatorConfigs>
            <!--Optional:-->
            <xsd:federationHub>?</xsd:federationHub>
            <!--Optional:-->
            <xsd:homeRealmId>?</xsd:homeRealmId>
            <!--Optional:-->
            <xsd:identityProviderDescription>?</xsd:identityProviderDescription>
            <!--Optional:-->
            <xsd:identityProviderName>?</xsd:identityProviderName>
            <!--Optional:-->
            <xsd:justInTimeProvisioningConfig>...</xsd:justInTimeProvisioningConfig>
            <!--Optional:-->
            <xsd:permissionAndRoleConfig>...</xsd:permissionAndRoleConfig>
            <!--Optional:-->
            <xsd:primary>?</xsd:primary>
            <!--Zero or more repetitions:-->
            <xsd:provisioningConnectorConfigs>...</xsd:provisioningConnectorConfigs>
            <!--Optional:-->
            <xsd:provisioningRole>?</xsd:provisioningRole>
         </mgt:identityProvider>
      </mgt:updateIdP>
   </soapenv:Body>
</soapenv:Envelope>

Response

None

updateResidentIdP

The updateResidentIdP() operation can be used to alter certain parameters of the resident identity provider. These parameters are:

  • Home Realm Identifier
  • SAML2 Web SSO Configuration Entity ID

Permission Level: /permission/admin/manage

The following request show how to update the above parameters.

Request

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mgt="http://mgt.idp.carbon.wso2.org" xmlns:xsd="http://model.common.application.identity.carbon.wso2.org/xsd">
   <soapenv:Header/>
   <soapenv:Body>
      <mgt:updateResidentIdP>
         <!--Optional:-->
         <mgt:identityProvider>
            <!--Optional:-->
            <xsd:alias>?</xsd:alias>
            <!--Optional:-->
            <xsd:certificate>?</xsd:certificate>
            <!--Optional:-->
            <xsd:claimConfig>...</xsd:claimConfig>
            <!--Optional:-->
            <xsd:defaultAuthenticatorConfig>...</xsd:defaultAuthenticatorConfig>
            <!--Optional:-->
            <xsd:defaultProvisioningConnectorConfig>...
           </xsd:defaultProvisioningConnectorConfig>
            
            <xsd:displayName>?</xsd:displayName>
            <!--Optional:-->
            <xsd:enable>?</xsd:enable>
            <!--Zero or more repetitions:-->
            <xsd:federatedAuthenticatorConfigs>...</xsd:federatedAuthenticatorConfigs>
            <!--Optional:-->
            <xsd:federationHub>?</xsd:federationHub>
            <!--Optional:-->
            <xsd:homeRealmId>?</xsd:homeRealmId>
            <!--Optional:-->
            <xsd:identityProviderDescription>?</xsd:identityProviderDescription>
            <!--Optional:-->
            <xsd:identityProviderName>?</xsd:identityProviderName>
            <!--Optional:-->
            <xsd:justInTimeProvisioningConfig>...</xsd:justInTimeProvisioningConfig>
            <!--Optional:-->
            <xsd:permissionAndRoleConfig>...</xsd:permissionAndRoleConfig>
            <!--Optional:-->
            <xsd:primary>?</xsd:primary>
            <!--Zero or more repetitions:-->
            <xsd:provisioningConnectorConfigs>...</xsd:provisioningConnectorConfigs>
            <!--Optional:-->
            <xsd:provisioningRole>?</xsd:provisioningRole>
         </mgt:identityProvider>
      </mgt:updateResidentIdP>
   </soapenv:Body>
</soapenv:Envelope>

Response

None
  • No labels