This page contains the following endpoints:

  • LDAP Configurations
  • LDAP Group Import
  • LDAP User Import
  • SAML Configurations

LDAP Configurations

/system/ldap_configurations

This endpoint allows you to manage LDAP configurations.

Request Headers

Content-Type: application/json
Accept: application/json
Authorization: Bearer access_token
Host: example.org
Cookie: 

Request Example

curl "http://shares.example.com/system/ldap_configurations" -d '{"name":"New LDAP configuration","enabled":true,"use_tls":true,"ds_type":"Microsoft Active Directory","host":"https://ldap-example.com","port":1234,"base_dn":"dc=example,dc=org","bind_method":"login","login":"username","password":"Password123_","login_text":"Log in with LDAP","restrict_login_to_known_groups":true,"attribute_for_username":"samaccountname","attribute_for_email":"email","attribute_for_first_name":"given_name","attribute_for_last_name":"surname","attribute_for_member_of":"member_of"}' -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer access_token" \
-H "Host: example.org" \
-H "Cookie: "

Request Parameters (POST (Create) and PUT)

Name Required/Optional Type Description
name Required string Name of LDAP configuration
enabled Optional boolean Whether or not LDAP configuration is enabled
use_tls Optional boolean Whether or not to use TLS when connecting to LDAP server
ds_type Required string Name of the directory service provider
host Required string Host of LDAP server
port Required unsigned integer Port of LDAP server
base_dn Required string Base DN of LDAP server
bind_method Required string Bind method (anonymous or login)
login Required string Login if login bind method is used - required when bind_method is login
password Required string Password if login bind method is used - required when bind_method is login
login_text Optional string Login instructions for users
restrict_login_to_known_groups Optional boolean Restrict login to known SAML groups
attribute_for_username Optional string LDAP server username attribute
attribute_for_email Required string LDAP server email attribute
attribute_for_first_name Required string LDAP server first name attribute
attribute_for_last_name Required string LDAP server last name attribute
attribute_for_member_of Required string LDAP server membership attribute
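
The conditional rules in the table above (login and password are required only when bind_method is login) are easy to miss when a script assembles the body. The following added example, which is not part of the API or its documentation, lints a request body against the table and warns on settings that weaken the directory connection; the function names and the warning policy are assumptions.

```python
# Added example: lint a /system/ldap_configurations request body before sending it.
# Field rules come from the request-parameter table; the warning policy is an assumption.

REQUIRED = (
    "name", "ds_type", "host", "port", "base_dn", "bind_method",
    "attribute_for_email", "attribute_for_first_name",
    "attribute_for_last_name", "attribute_for_member_of",
)


def lint_ldap_config(body):
    """Return (errors, warnings) for a create/update body given as a dict."""
    errors, warnings = [], []

    for field in REQUIRED:
        if body.get(field) in (None, ""):
            errors.append(f"{field}: required")

    # "unsigned integer" in the table; JSON booleans and strings are rejected.
    port = body.get("port")
    if port is not None and (
        isinstance(port, bool) or not isinstance(port, int) or not 0 < port <= 65535
    ):
        errors.append("port: must be an integer from 1 to 65535")

    bind = body.get("bind_method")
    if bind == "login":
        for field in ("login", "password"):
            if not body.get(field):
                errors.append(f"{field}: required when bind_method is login")
    elif bind == "anonymous":
        warnings.append("bind_method: anonymous bind, directory queries are unauthenticated")
    elif bind is not None:
        errors.append("bind_method: must be anonymous or login")

    if body.get("use_tls") is not True:
        warnings.append("use_tls: disabled, bind credentials and results cross the network in clear text")
    if body.get("restrict_login_to_known_groups") is not True:
        warnings.append("restrict_login_to_known_groups: disabled, login is not limited to known groups")
    return errors, warnings


def redact(body):
    """Copy of the body that is safe to log: the bind password is masked."""
    return {k: ("***" if k == "password" and v else v) for k, v in body.items()}


# Request bodies from this page's create (POST) and update (PUT) examples.
CREATE_BODY = {
    "name": "New LDAP configuration", "enabled": True, "use_tls": True,
    "ds_type": "Microsoft Active Directory", "host": "https://ldap-example.com",
    "port": 1234, "base_dn": "dc=example,dc=org", "bind_method": "login",
    "login": "username", "password": "Password123_",
    "login_text": "Log in with LDAP", "restrict_login_to_known_groups": True,
    "attribute_for_username": "samaccountname", "attribute_for_email": "email",
    "attribute_for_first_name": "given_name", "attribute_for_last_name": "surname",
    "attribute_for_member_of": "member_of",
}
UPDATE_BODY = {
    "name": "Newer LDAP configuration", "enabled": False, "use_tls": False,
    "ds_type": "Open LDAP", "host": "https://other-ldap-example.com",
    "port": 12345, "base_dn": "dc=other,dc=com", "bind_method": "anonymous",
    "login_text": "Don't log in with LDAP", "restrict_login_to_known_groups": True,
    "attribute_for_email": "mail", "attribute_for_first_name": "givenName",
    "attribute_for_last_name": "sn", "attribute_for_member_of": "memberOf",
}
# Constructed: the create body with its password removed.
NO_PASSWORD = {k: v for k, v in CREATE_BODY.items() if k != "password"}

if __name__ == "__main__":
    for label, body in (("create", CREATE_BODY), ("update", UPDATE_BODY),
                        ("no password", NO_PASSWORD)):
        errors, warnings = lint_ldap_config(body)
        print(label, "errors:", errors, "warnings:", warnings)
    print("log-safe:", redact(CREATE_BODY))
```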

Success Response Codes

Method Code
GET 200 OK
POST (Create) 201 Created
POST (Test) 204 No Content
PUT 200 OK

Error Response Codes

Description of error is included in response body.

Method Error Reason
POST (Test) 503 Service Unavailable Connection Refused

Response Attributes

Name Type Description
id integer ID of LDAP configuration
name string Name of LDAP configuration
enabled boolean Whether or not LDAP configuration is enabled
use_tls boolean Whether or not to use TLS when connecting to LDAP server
ds_type string Name of the directory service provider
host string Host of LDAP server
port unsigned integer Port of LDAP server
base_dn string Base DN of LDAP server
bind_method string Bind method (anonymous or login)
login string Login if login bind method is used
login_text string Login instructions for users
restrict_login_to_known_groups string Restrict login to known SAML groups
attribute_for_username string LDAP server username attribute
attribute_for_email string LDAP server email attribute
attribute_for_first_name string LDAP server first name attribute
attribute_for_last_name string LDAP server last name attribute
attribute_for_member_of string LDAP server membership attribute

List all LDAP configurations

GET /system/ldap_configurations

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"00e09ea1906f3e6e3d64e5e07c371f06"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: a5a4b694-3376-466a-8525-3eb5a9be2846
X-Runtime: 0.014234
Content-Length: 492

Success Response Example

200 OK
[
  {
    "id": 381178965,
    "name": "New LDAP configuration",
    "enabled": true,
    "use_tls": true,
    "ds_type": "Microsoft Active Directory",
    "host": "https://ldap-example.com",
    "port": 1234,
    "base_dn": "dc=example,dc=org",
    "bind_method": "login",
    "login_text": "Log in with LDAP",
    "restrict_login_to_known_groups": true,
    "attribute_for_username": "samaccountname",
    "attribute_for_email": "email",
    "attribute_for_first_name": "given_name",
    "attribute_for_last_name": "surname",
    "attribute_for_member_of": "member_of",
    "login": "username"
  }
]


Show specific LDAP configuration

GET /system/ldap_configurations/{id}

Request Example

curl -g "http://shares.example.com/system/ldap_configurations/381178965" -X GET

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"7d4c43588d97f23c78bf21b6928f2ac0"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 4ad23b48-48d2-4b58-92c9-d6d6e4b06b9b
X-Runtime: 0.017611
Content-Length: 490

Success Response Example

200 OK
{
  "id": 381178965,
  "name": "New LDAP configuration",
  "enabled": true,
  "use_tls": true,
  "ds_type": "Microsoft Active Directory",
  "host": "https://ldap-example.com",
  "port": 1234,
  "base_dn": "dc=example,dc=org",
  "bind_method": "login",
  "login": "username",
  "login_text": "Log in with LDAP",
  "restrict_login_to_known_groups": true,
  "attribute_for_username": "samaccountname",
  "attribute_for_email": "email",
  "attribute_for_first_name": "given_name",
  "attribute_for_last_name": "surname",
  "attribute_for_member_of": "member_of"
}


Create LDAP configuration

POST /system/ldap_configurations

Request Example

curl "http://shares.example.com/system/ldap_configurations" -d '{"name":"New LDAP configuration","enabled":true,"use_tls":true,"ds_type":"Microsoft Active Directory","host":"https://ldap-example.com","port":1234,"base_dn":"dc=example,dc=org","bind_method":"login","login":"username","password":"Password123_","login_text":"Log in with LDAP","restrict_login_to_known_groups":true,"attribute_for_username":"samaccountname","attribute_for_email":"email","attribute_for_first_name":"given_name","attribute_for_last_name":"surname","attribute_for_member_of":"member_of"}' -X POST

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"5d912832189b64c2e99f0c5dea8312fa"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 2afec083-23ae-494b-9af9-8d9cc8a5d0f1
X-Runtime: 0.021848
Content-Length: 490

Success Response Example

201 Created
{
  "id": 381178966,
  "name": "New LDAP configuration",
  "enabled": true,
  "use_tls": true,
  "ds_type": "Microsoft Active Directory",
  "host": "https://ldap-example.com",
  "port": 1234,
  "base_dn": "dc=example,dc=org",
  "bind_method": "login",
  "login": "username",
  "login_text": "Log in with LDAP",
  "restrict_login_to_known_groups": true,
  "attribute_for_username": "samaccountname",
  "attribute_for_email": "email",
  "attribute_for_first_name": "given_name",
  "attribute_for_last_name": "surname",
  "attribute_for_member_of": "member_of"
}


Test LDAP connection

POST /system/ldap_configurations/{id}/connection

Request Example

curl "http://shares.example.com/system/ldap_configurations/381178965/connection" -d '' -X POST

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Cache-Control: no-cache
X-Request-Id: 94c4f745-f55e-4ddf-8425-7684c8096309
X-Runtime: 0.098350

Success Response Example

204 No Content

Error Response Example

503 Service Unavailable
{
  "error": "Connection refused - connect(2) for 127.0.0.1:12345"
}


Update LDAP configuration

PUT /system/ldap_configurations/{id}

Request Example

curl "http://shares.example.com/system/ldap_configurations/381178965" -d '{"name":"Newer LDAP configuration","enabled":false,"use_tls":false,"ds_type":"Open LDAP","host":"https://other-ldap-example.com","port":12345,"base_dn":"dc=other,dc=com","bind_method":"anonymous","login_text":"Don\u0027t log in with LDAP","restrict_login_to_known_groups":true,"attribute_for_email":"mail","attribute_for_first_name":"givenName","attribute_for_last_name":"sn","attribute_for_member_of":"memberOf"}' -X PUT

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"432ea9cb2095819133e102090dc029d6"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: ba65bd66-b487-4d42-b807-f4c4c5b529f4
X-Runtime: 0.051655
Content-Length: 484

Success Response Example

200 OK
{
  "id": 381178965,
  "name": "Newer LDAP configuration",
  "enabled": false,
  "use_tls": false,
  "ds_type": "Open LDAP",
  "host": "https://other-ldap-example.com",
  "port": 12345,
  "base_dn": "dc=other,dc=com",
  "bind_method": "anonymous",
  "login": "username",
  "login_text": "Don't log in with LDAP",
  "restrict_login_to_known_groups": true,
  "attribute_for_username": "samaccountname",
  "attribute_for_email": "mail",
  "attribute_for_first_name": "givenName",
  "attribute_for_last_name": "sn",
  "attribute_for_member_of": "memberOf"
}


LDAP Group Import

/system/ldap_groups

This endpoint allows you to manage imports of LDAP groups.


Search LDAP groups

GET /system/ldap_groups

Request Parameters

Name Required/Optional Type Description
ldap_configuration_id Optional string ID of LDAP configuration to search
search_query Optional string String used for search

Request Headers

Content-Type: application/json
Accept: application/json
Authorization: Bearer access_token
Host: example.org
Cookie: 

Request Example

curl -g "http://shares.example.com/system/ldap_groups?ldap_configuration_id=381178965&search_query=hrpeople" -X GET \
	-H "Content-Type: application/json" \
	-H "Accept: application/json" \
	-H "Authorization: Bearer access_token" \
	-H "Host: example.org" \
	-H "Cookie: "

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"21e121f8b67f74a968847713bca8ce1d"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 8d7f7e10-3887-49e7-a92a-23c7a2a624d2
X-Runtime: 0.092739
Content-Length: 68

Success Response Example

200 OK
[
  {
    "name": "hrpeople",
    "dn": "cn=hrpeople,ou=groups,dc=example,dc=org"
  }
]

Response Attributes

Name Type Description
name string Name of LDAP group
dn string Distinguished name of LDAP group

Import LDAP group

POST /system/ldap_groups/

Request Parameters

Name Required/Optional Type Description
ldap_configuration_id Optional string LDAP configuration of group
dn Required string Distinguished name of LDAP group to import

Request Headers

Content-Type: application/json
Accept: application/json
Authorization: Bearer access_token
Cookie: 

Request Example

curl "http://shares.example.com/system/ldap_groups/" -d '{"ldap_configuration_id":381178965,"dn":"cn=hrpeople,ou=groups,dc=example,dc=org"}' -X POST \
	-H "Content-Type: application/json" \
	-H "Accept: application/json" \
	-H "Authorization: Bearer access_token" \
	-H "Host: example.org" \
	-H "Cookie: "

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"40934a6adf8821c23d00e53a861d5424"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: c194571b-d053-49f5-adbd-48b19ce8b4e5
X-Runtime: 0.105274
Content-Length: 88

Success Response Example

201 Created
{
  "id": 265102807,
  "dn": "cn=hrpeople,ou=groups,dc=example,dc=org",
  "group": {
    "id": 834029693
  }
}

Error Response Example

404 Not Found

Example Response Body

{
  "status": 404,
  "error": "Unable to find LDAP group."
}

Response Attributes

Name Type Description
id integer ID for LDAP group resource
dn string Distinguished name of LDAP group
group JSON object Object that contains the LDAP group ID

Sync LDAP group

POST /system/ldap_groups/{id}/sync

Request Parameters

Name Required/Optional Type Description
ldap_configuration_id Optional integer LDAP configuration ID

Request Headers

Content-Type: application/json
Accept: application/json
Authorization: Bearer access_token
Host: example.org
Cookie: 

Request Example

curl "http://shares.example.com/system/ldap_groups/767575238/sync" -d '{"ldap_configuration_id":381178965}' -X POST \
	-H "Content-Type: application/json" \
	-H "Accept: application/json" \
	-H "Authorization: Bearer access_token" \
	-H "Host: example.org" \
	-H "Cookie: "

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json
Cache-Control: no-cache
X-Request-Id: 1ebd0366-91c2-4693-af4b-a38472537370
X-Runtime: 0.024753
Content-Length: 0

Success Response Example

202 Accepted


LDAP User Import

/system/ldap_users

This endpoint allows you to manage LDAP users.


Search LDAP users

GET /system/ldap_users

Request Headers

Content-Type: application/json
Accept: application/json
Authorization: Bearer access_token
Host: example.org
Cookie: 

Request Example

curl -g "http://shares.example.com/system/ldap_users?ldap_configuration_id=381178965&search_query=Claire" -X GET \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -H "Authorization: Bearer access_token" \
  -H "Host: example.org" \
  -H "Cookie: "

Request Parameters

Name Required/Optional Type Description
ldap_configuration_id Optional integer ID of LDAP configuration to search
search_query Optional string String used for search

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"4ce9dd94a474ba88507ba24897d5eefb"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: ddaacbe7-6eb3-40ea-be11-487b460abfc0
X-Runtime: 0.110491
Content-Length: 142

Success Response Example

200 OK
[
  {
    "username": "cc414",
    "email": "claire@example.org",
    "first_name": "Claire",
    "last_name": "Carpenter",
    "dn": "uid=cc414,ou=people,dc=example,dc=org"
  }
]

Response Attributes

Name Type Description
username string Username of LDAP user
email string Email of LDAP user
first_name string First name of LDAP user
last_name string Last name of LDAP user
dn string Distinguished name of LDAP user

Import LDAP user

POST /system/ldap_users/

Request Headers

Content-Type: application/json
Accept: application/json
Authorization: Bearer access_token
Host: example.org
Cookie: 

Request Example

curl "http://shares.example.com/system/ldap_users/" -d '{"ldap_configuration_id":381178965,"dn":"uid=cc414,ou=people,dc=example,dc=org"}' -X POST \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -H "Authorization: Bearer access_token" \
  -H "Host: example.org" \
  -H "Cookie: "

Request Parameters

Name Required/Optional Type Description
ldap_configuration_id Optional string ID for LDAP configuration of user
dn Required string Distinguished name of the LDAP user to import

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"f1d6242f6c1587f41b624ee7d38a680e"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 032bc18d-4f5f-4eb1-97ff-bbf891def87a
X-Runtime: 0.105724
Content-Length: 77

Success Response Example

201 Created
{
  "id": 2,
  "dn": "uid=cc414,ou=people,dc=example,dc=org",
  "user": {
    "id": 891963386
  }
}

Error Response Example

404 Not Found
{
  "status": 404,
  "error": "Unable to find LDAP user."
}

Response Attributes

Name Type Description
id integer ID for LDAP user resource
dn string Distinguished name of LDAP user
user JSON object Object that contains the LDAP user ID

SAML Configurations

/system/saml_configurations

This endpoint allows you to manage SAML configurations.

Request Headers

Content-Type: application/json
Accept: application/json
Authorization: Bearer access_token
Host: example.org
Cookie: 

Request Example

curl "http://shares.example.com/system/saml_configurations/" -d '{"name":"New SAML configuration","enabled":true,"sso_target_url":"https://saml-example.com","name_id_format":"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified","fingerprint_algorithm":"http://www.w3.org/2000/09/xmldsig#sha1","fingerprint":"4B:5B:1B:AD:CC:2B:7E:05:AC:8C:F0:31:91:82:57:3D:55:A8:CE:68","certificate":"-----BEGIN CERTIFICATE-----\nMIICRjCCAa+gAwIBAgIBADANBgkqhkiG9w0BAQ0FADBAMQswCQYDVQQGEwJ1czET\nMBEGA1UECAwKQ2FsaWZvcm5pYTENMAsGA1UECgwEVGVzdDENMAsGA1UEAwwEVGVz\ndDAeFw0xNjExMTUyMjE1MDhaFw0xNzExMTUyMjE1MDhaMEAxCzAJBgNVBAYTAnVz\nMRMwEQYDVQQIDApDYWxpZm9ybmlhMQ0wCwYDVQQKDARUZXN0MQ0wCwYDVQQDDARU\nZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaFjgU41nUTW2TPPFW7vls\ntABbIkMUINxIdYVXixHYEpjAFFcHTlN9Uy+BM+4rH4So8kBmdS0Bq53wUj1xlTzV\n2q1JeATnn9mQqdhD4rlnG82i7dkYs62Qk2quIoBM/4HNbD0O1Q6BJAx2QbXHT2Xt\nD/Kma3EEKED+oOSVbIatVwIDAQABo1AwTjAdBgNVHQ4EFgQUfvJmmvZYJPfRm9t5\n2ewyqpDchn4wHwYDVR0jBBgwFoAUfvJmmvZYJPfRm9t52ewyqpDchn4wDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQCHB/nxIXpdrCJXuHvIEwZ6vwSO1Mps\nJHC6pfd/kxomRKOIN3RbQMj9almImYUeR6HLA4nocDSTdDoIAIsGxhIG7GNkSKkn\nvkdSpJPOXhcyxhjIHVwXXx9JdnJ53DSp9lulUwprb5KAFtAtjl4qFglbG0NVD9+w\nc68RVZf3B87/EA==\n-----END CERTIFICATE-----","login_text":"Log in with SAML","restrict_login_to_known_groups":true,"allowable_clock_drift":0,"attribute_for_email":"email","attribute_for_first_name":"given_name","attribute_for_last_name":"surname","attribute_for_member_of":"member_of","sign_authn_requests":false}' -X POST \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -H "Authorization: Bearer access_token" \
  -H "Host: example.org" \
  -H "Cookie: "

Request Parameters (POST and PUT)

Name Required/Optional Type Description
name Required string Name of the SAML configuration
enabled Required boolean Whether or not the SAML configuration is enabled
sso_target_url Required string SSO Target URL
name_id_format Optional string Name ID format - defaults to unspecified if not provided
fingerprint_algorithm Required string Fingerprint algorithm - required when fingerprint is provided
certificate Required string Certificate - required unless fingerprint is provided
fingerprint Required string Fingerprint - required unless certificate is provided
login_text Optional string Login instructions for users
allowable_clock_drift Required unsigned integer Allowable clock drift (in seconds)
restrict_login_to_known_groups Optional boolean Restrict login to known SAML groups
attribute_for_email Required string IDP email attribute
attribute_for_first_name Required string IDP first name attribute
attribute_for_last_name Required string IDP last name attribute
attribute_for_member_of Required string IDP membership attribute
sign_authn_requests Required boolean Sign authentication requests to the IDP
authn_request_digest_method Optional string Digest method for signing authentication requests. Required if sign_authn_requests is enabled
authn_request_signature_method Optional string Signature method for signing authentication requests. Required if sign_authn_requests is enabled
authn_request_certificate Optional string Digest method for signing authentication requests. Required if sign_authn_requests is enabled
authn_request_private_key Optional string Private key for signing authentication requests. Required if sign_authn_requests is enabled
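
Added example, not part of the API or its documentation: a pre-submission check for the either/or and conditional rules in the table above, which also verifies that a fingerprint has the length its fingerprint_algorithm produces and matches the certificate when both are sent. It assumes the fingerprint is the digest of the certificate's DER encoding and recognises only the two digest URIs that appear on this page; the function names, the warning policy and the stand-in certificate are constructed.

```python
import base64
import hashlib

SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
DIGESTS = {SHA1: "sha1", SHA256: "sha256"}  # only the URIs shown on this page
REQUIRED = (
    "name", "enabled", "sso_target_url", "allowable_clock_drift",
    "attribute_for_email", "attribute_for_first_name",
    "attribute_for_last_name", "attribute_for_member_of", "sign_authn_requests",
)
SIGNING_FIELDS = (
    "authn_request_digest_method", "authn_request_signature_method",
    "authn_request_certificate", "authn_request_private_key",
)


def _hex(fingerprint):
    """Normalise 'aa:BB:..' to bare upper-case hex for comparison."""
    return fingerprint.replace(":", "").replace(" ", "").upper()


def cert_fingerprint(pem, algorithm_uri):
    """Colon-separated digest of the DER bytes inside a PEM certificate (assumed convention)."""
    lines = (line.strip() for line in pem.strip().splitlines())
    der = base64.b64decode("".join(ln for ln in lines if not ln.startswith("-----")))
    digest = hashlib.new(DIGESTS[algorithm_uri], der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def lint_saml_config(body):
    """Return (errors, warnings) for a create/update body given as a dict."""
    errors, warnings = [], []
    for field in REQUIRED:
        if body.get(field) is None:  # False and 0 are valid values here
            errors.append(f"{field}: required")

    cert, fp = body.get("certificate"), body.get("fingerprint")
    alg = body.get("fingerprint_algorithm")
    if not cert and not fp:
        errors.append("certificate: required unless fingerprint is provided")
    if fp and not alg:
        errors.append("fingerprint_algorithm: required when fingerprint is provided")
    elif fp and alg not in DIGESTS:
        warnings.append("fingerprint_algorithm: unrecognised URI, fingerprint not checked")
    elif fp:
        size = hashlib.new(DIGESTS[alg]).digest_size
        if len(_hex(fp)) != 2 * size:
            errors.append(f"fingerprint: {len(_hex(fp)) // 2} bytes, but {DIGESTS[alg]} produces {size}")
        elif cert and _hex(cert_fingerprint(cert, alg)) != _hex(fp):
            errors.append("fingerprint: does not match certificate")
        if alg == SHA1:
            warnings.append("fingerprint_algorithm: SHA-1 is collision-prone, prefer SHA-256")

    if body.get("sign_authn_requests") is True:
        for field in SIGNING_FIELDS:
            if not body.get(field):
                errors.append(f"{field}: required when sign_authn_requests is enabled")
            elif field.endswith("_method") and str(body[field]).lower().endswith("sha1"):
                warnings.append(f"{field}: SHA-1 based method")

    url = body.get("sso_target_url")
    if url and not str(url).lower().startswith("https://"):
        warnings.append("sso_target_url: not an https:// URL")
    return errors, warnings


# Values from this page's create request; the certificate is left out here.
PAGE_CREATE = {
    "name": "New SAML configuration", "enabled": True,
    "sso_target_url": "https://saml-example.com",
    "fingerprint_algorithm": SHA1,
    "fingerprint": "4B:5B:1B:AD:CC:2B:7E:05:AC:8C:F0:31:91:82:57:3D:55:A8:CE:68",
    "certificate": None, "allowable_clock_drift": 0,
    "restrict_login_to_known_groups": True,
    "attribute_for_email": "email", "attribute_for_first_name": "given_name",
    "attribute_for_last_name": "surname", "attribute_for_member_of": "member_of",
    "sign_authn_requests": False,
}
# As in the page's update request: the algorithm URI becomes SHA-256 while the
# 20-byte fingerprint is kept, which the length check reports.
PAGE_UPDATE = dict(PAGE_CREATE, fingerprint_algorithm=SHA256, allowable_clock_drift=10)
# Constructed stand-in: the base64 body decodes to b"abc", not a real certificate.
STAND_IN_PEM = "-----BEGIN CERTIFICATE-----\nYWJj\n-----END CERTIFICATE-----"
PINNED = dict(PAGE_CREATE, certificate=STAND_IN_PEM, fingerprint_algorithm=SHA256,
              fingerprint=cert_fingerprint(STAND_IN_PEM, SHA256))

if __name__ == "__main__":
    for label, body in (("create", PAGE_CREATE), ("update", PAGE_UPDATE), ("pinned", PINNED)):
        errors, warnings = lint_saml_config(body)
        print(label, "errors:", errors, "warnings:", warnings)
```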

Success Response Codes

Method Code
GET 200 OK
POST 201 Created
PUT 200 OK

Response Attributes

Name Type Description
id integer ID of SAML configuration
name string Name of the SAML configuration
enabled boolean Whether or not the SAML configuration is enabled
sso_target_url string SSO Target URL
name_id_format string Name ID format
fingerprint_algorithm string Fingerprint algorithm
certificate string Certificate
fingerprint string Fingerprint
login_text string Login instructions for users
allowable_clock_drift unsigned integer Allowable clock drift (in seconds)
restrict_login_to_known_groups boolean Restrict login to known SAML groups
attribute_for_email string IDP email attribute
attribute_for_first_name string IDP first name attribute
attribute_for_last_name string IDP last name attribute
attribute_for_member_of string IDP membership attribute
sign_authn_requests boolean Sign authentication requests to the IDP
authn_request_digest_method string Digest method for signing authentication requests
authn_request_signature_method string Signature method for signing authentication requests
authn_request_certificate string Digest method for signing authentication requests
authn_request_private_key string Private key for signing authentication requests

Show all SAML configurations

GET /system/saml_configurations

Request Parameters

Name Required/Optional Type Description
id Optional integer ID of SAML configuration. As query parameter, returns specific SAML configuration.

Request Example

curl -g "http://shares.example.com/system/saml_configurations?id=478127566" -X GET

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"aa901e7944233bd550b90f3c27cd9497"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: edc3c70a-71b9-40d6-ab3a-8a5a0f513186
X-Runtime: 0.013958
Content-Length: 791

Success Response Example

200 OK
[
  {
    "id": 478127566,
    "enabled": true,
    "name": "New SAML configuration",
    "name_id_format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
    "sso_target_url": "https://saml-example.com",
    "fingerprint_algorithm": "http://www.w3.org/2000/09/xmldsig#sha1",
    "fingerprint": "4B:5B:1B:AD:CC:2B:7E:05:AC:8C:F0:31:91:82:57:3D:55:A8:CE:68",
    "certificate": null,
    "login_text": "Log in with SAML",
    "allowable_clock_drift": 0,
    "attribute_for_email": "email",
    "attribute_for_first_name": "given_name",
    "attribute_for_last_name": "surname",
    "attribute_for_member_of": "member_of",
    "sign_authn_requests": false,
    "authn_request_digest_method": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
    "authn_request_signature_method": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
    "authn_request_certificate": null,
    "authn_request_private_key": null
  }
]


Show specific SAML configuration

GET /system/saml_configurations/{id}

Request Example

curl -g "http://shares.example.com/system/saml_configurations/478127566" -X GET

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"381c1072289a02aebe612e063210bfa1"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: f07bdde4-065d-4198-a33d-287bac4f45a3
X-Runtime: 0.011445
Content-Length: 827

Success Response Example

200 OK
{
  "id": 478127566,
  "name": "New SAML configuration",
  "enabled": true,
  "name_id_format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
  "fingerprint_algorithm": "http://www.w3.org/2000/09/xmldsig#sha1",
  "sso_target_url": "https://saml-example.com",
  "certificate": null,
  "fingerprint": "4B:5B:1B:AD:CC:2B:7E:05:AC:8C:F0:31:91:82:57:3D:55:A8:CE:68",
  "login_text": "Log in with SAML",
  "restrict_login_to_known_groups": true,
  "allowable_clock_drift": 0,
  "attribute_for_email": "email",
  "attribute_for_first_name": "given_name",
  "attribute_for_last_name": "surname",
  "attribute_for_member_of": "member_of",
  "sign_authn_requests": false,
  "authn_request_digest_method": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
  "authn_request_signature_method": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
  "authn_request_certificate": null,
  "authn_request_private_key": null
}


Create SAML configuration

POST /system/saml_configurations/

Request Example

curl "http://shares.example.com/system/saml_configurations/" -d '{"name":"New SAML configuration","enabled":true,"sso_target_url":"https://saml-example.com","name_id_format":"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified","fingerprint_algorithm":"http://www.w3.org/2000/09/xmldsig#sha1","fingerprint":"4B:5B:1B:AD:CC:2B:7E:05:AC:8C:F0:31:91:82:57:3D:55:A8:CE:68","certificate":"-----BEGIN CERTIFICATE-----\nMIICRjCCAa+gAwIBAgIBADANBgkqhkiG9w0BAQ0FADBAMQswCQYDVQQGEwJ1czET\nMBEGA1UECAwKQ2FsaWZvcm5pYTENMAsGA1UECgwEVGVzdDENMAsGA1UEAwwEVGVz\ndDAeFw0xNjExMTUyMjE1MDhaFw0xNzExMTUyMjE1MDhaMEAxCzAJBgNVBAYTAnVz\nMRMwEQYDVQQIDApDYWxpZm9ybmlhMQ0wCwYDVQQKDARUZXN0MQ0wCwYDVQQDDARU\nZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaFjgU41nUTW2TPPFW7vls\ntABbIkMUINxIdYVXixHYEpjAFFcHTlN9Uy+BM+4rH4So8kBmdS0Bq53wUj1xlTzV\n2q1JeATnn9mQqdhD4rlnG82i7dkYs62Qk2quIoBM/4HNbD0O1Q6BJAx2QbXHT2Xt\nD/Kma3EEKED+oOSVbIatVwIDAQABo1AwTjAdBgNVHQ4EFgQUfvJmmvZYJPfRm9t5\n2ewyqpDchn4wHwYDVR0jBBgwFoAUfvJmmvZYJPfRm9t52ewyqpDchn4wDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQCHB/nxIXpdrCJXuHvIEwZ6vwSO1Mps\nJHC6pfd/kxomRKOIN3RbQMj9almImYUeR6HLA4nocDSTdDoIAIsGxhIG7GNkSKkn\nvkdSpJPOXhcyxhjIHVwXXx9JdnJ53DSp9lulUwprb5KAFtAtjl4qFglbG0NVD9+w\nc68RVZf3B87/EA==\n-----END CERTIFICATE-----","login_text":"Log in with SAML","restrict_login_to_known_groups":true,"allowable_clock_drift":0,"attribute_for_email":"email","attribute_for_first_name":"given_name","attribute_for_last_name":"surname","attribute_for_member_of":"member_of","sign_authn_requests":false}' -X POST \
	-H "Content-Type: application/json" \
	-H "Accept: application/json" \
	-H "Authorization: Bearer access_token" \
	-H "Host: example.org" \
	-H "Cookie: "

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"ead2a53c8d44b9619403476ea51cf78c"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: ad784d75-ceef-47f6-8184-e8261156ef74
X-Runtime: 0.058898
Content-Length: 1681

Success Response Example

201 Created
{
  "id": 1,
  "name": "New SAML configuration",
  "enabled": true,
  "name_id_format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
  "fingerprint_algorithm": "http://www.w3.org/2000/09/xmldsig#sha1",
  "sso_target_url": "https://saml-example.com",
  "certificate": "-----BEGIN CERTIFICATE-----\nMIICRjCCAa+gAwIBAgIBADANBgkqhkiG9w0BAQ0FADBAMQswCQYDVQQGEwJ1czET\nMBEGA1UECAwKQ2FsaWZvcm5pYTENMAsGA1UECgwEVGVzdDENMAsGA1UEAwwEVGVz\ndDAeFw0xNjExMTUyMjE1MDhaFw0xNzExMTUyMjE1MDhaMEAxCzAJBgNVBAYTAnVz\nMRMwEQYDVQQIDApDYWxpZm9ybmlhMQ0wCwYDVQQKDARUZXN0MQ0wCwYDVQQDDARU\nZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaFjgU41nUTW2TPPFW7vls\ntABbIkMUINxIdYVXixHYEpjAFFcHTlN9Uy+BM+4rH4So8kBmdS0Bq53wUj1xlTzV\n2q1JeATnn9mQqdhD4rlnG82i7dkYs62Qk2quIoBM/4HNbD0O1Q6BJAx2QbXHT2Xt\nD/Kma3EEKED+oOSVbIatVwIDAQABo1AwTjAdBgNVHQ4EFgQUfvJmmvZYJPfRm9t5\n2ewyqpDchn4wHwYDVR0jBBgwFoAUfvJmmvZYJPfRm9t52ewyqpDchn4wDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQCHB/nxIXpdrCJXuHvIEwZ6vwSO1Mps\nJHC6pfd/kxomRKOIN3RbQMj9almImYUeR6HLA4nocDSTdDoIAIsGxhIG7GNkSKkn\nvkdSpJPOXhcyxhjIHVwXXx9JdnJ53DSp9lulUwprb5KAFtAtjl4qFglbG0NVD9+w\nc68RVZf3B87/EA==\n-----END CERTIFICATE-----",
  "fingerprint": "4B:5B:1B:AD:CC:2B:7E:05:AC:8C:F0:31:91:82:57:3D:55:A8:CE:68",
  "login_text": "Log in with SAML",
  "restrict_login_to_known_groups": true,
  "allowable_clock_drift": 0,
  "attribute_for_email": "email",
  "attribute_for_first_name": "given_name",
  "attribute_for_last_name": "surname",
  "attribute_for_member_of": "member_of",
  "sign_authn_requests": false,
  "authn_request_digest_method": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
  "authn_request_signature_method": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
  "authn_request_certificate": null,
  "authn_request_private_key": null
}


Update SAML configuration

PUT /system/saml_configurations/{id}

Request Example

curl "http://shares.example.com/system/saml_configurations/478127566" -d '{"name":"Newer SAML configuration","enabled":false,"sso_target_url":"https://other-saml-example.com","name_id_format":"urn:oasis:names:tc:SAML:2.0:nameid-format:transient","fingerprint_algorithm":"http://www.w3.org/2001/04/xmlenc#sha256","fingerprint":"4B:5B:1B:AD:CC:2B:7E:05:AC:8C:F0:31:91:82:57:3D:55:A8:CE:68","certificate":null,"login_text":"Don\u0027t log in with SAML","allowable_clock_drift":10,"restrict_login_to_known_groups":true,"attribute_for_email":"mail","attribute_for_first_name":"givenName","attribute_for_last_name":"sn","attribute_for_member_of":"memberOf","sign_authn_requests":false}' -X PUT

Response Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://local.connectme.us https://d3gcli72yxqn2z.cloudfront.net http://d3gcli72yxqn2z.cloudfront.net
Content-Type: application/json; charset=utf-8
ETag: W/"4db88d51fdfb0e8ac22da22e612199f6"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 78562929-50ad-4898-a5b2-c0381dae59f0
X-Runtime: 0.019015
Content-Length: 834

Success Response Example

200 OK
{
  "id": 478127566,
  "name": "Newer SAML configuration",
  "enabled": false,
  "name_id_format": "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
  "fingerprint_algorithm": "http://www.w3.org/2001/04/xmlenc#sha256",
  "sso_target_url": "https://other-saml-example.com",
  "certificate": null,
  "fingerprint": "4B:5B:1B:AD:CC:2B:7E:05:AC:8C:F0:31:91:82:57:3D:55:A8:CE:68",
  "login_text": "Don't log in with SAML",
  "restrict_login_to_known_groups": true,
  "allowable_clock_drift": 10,
  "attribute_for_email": "mail",
  "attribute_for_first_name": "givenName",
  "attribute_for_last_name": "sn",
  "attribute_for_member_of": "memberOf",
  "sign_authn_requests": false,
  "authn_request_digest_method": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
  "authn_request_signature_method": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
  "authn_request_certificate": null,
  "authn_request_private_key": null
}
