Single Sign-On

5 minute readReference

createSamlIdentityProvider

Creates a new SAML identity provider.

You must specify the samlIdentityProviderName.

Arguments Descriptions

samlIdentityProviderName

The name of the SAML identity provider.

Argument Type: String

colorCode

(Optional) Color code to be associated with the identity provider.

Argument Type: String

description

(Optional) Comment text describing this object that is not interpreted at all by CloudBees CD/RO .

Argument Type: String

enabled

(Optional) If true, enables SAML identity provider.

Argument Type: Boolean

label

(Optional) Label used by UI to display the text (such as a label for UI button).

Argument Type: String

metadata

(Optional) The metadata of the SAML identity provider.

Argument Type: String

Positional arguments

samlIdentityProviderName

Response

Returns a new SAML identity provider object.

ec-perl

syntax: $<object>->createSamlIdentityProvider(<samlIdentityProviderName>, {<optionals>});

Example

$ec->createSamlIdentityProvider("Okta", {colorCode => "#ee3647", enabled => "true", description => "Okta identity provider"});

ectool

syntax: ectool createSamlIdentityProvider <samlIdentityProviderName> [optionals]

Example

ectool createSamlIdentityProvider "OneLogin" --colorCode "#ee3647" enabled "true” --description "OneLogin identity provider"

createSamlServiceProvider

Creates a new SAML service provider.

You must specify the entityId and serverUrl.

Arguments Descriptions

entityId

Service provider entity ID (usually URI).

Argument Type: String

serverUrl

URL for the service provider host.

Argument Type: String

authnRequestsSigned

(Optional) Metadata will have AuthnRequestsSigned="true/false" in descriptor.

Argument Type: Boolean

enabled

(Optional) If true, enables SAML service provider.

Argument Type: Boolean

mdSigningEnabled

(Optional) If true, sign service provider metadata. Argument Type: Boolean

mdSigningPassphrase

(Optional) Passphrase use for service provider metadata signing private key.

Argument Type: String

mdSigningPrivateKey

(Optional) Service provider metadata signing private key (encoded in base64).

Argument Type: String

mdSigningPrivateKeyFile

(Optional) File containing the service provider metadata signing private key.

Argument Type: String

mdSigningPublicCertificate

(Optional) Service provider metadata signing public certificate (encoded in base64).

Argument Type: String

mdSigningPublicCertificateFile

(Optional) File containing the service provider metadata signing public certificate.

Argument Type: String

nameIdFormat

(Optional) NameID format like urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.

Argument Type: String

passphrase

(Optional) Passphrase use for service provider private key.

Argument Type: String

privateKey

Service provider private key (encoded in base64).

Argument Type: String

privateKeyFile

File containing the service provider private key.

Argument Type: String

publicCertificate

Service provider’s public certificate (encoded in base64).

Argument Type: String

publicCertificateFile

File containing the service provider’s public certificate.

Argument Type: String

samlServiceProviderName

(Optional) The name of the SAML service provider.

Argument Type: String

wantAssertionsSigned

(Optional) Metadata will have WantAssertionsSigned="true/false" in descriptor.

Argument Type: String

Positional arguments

entityId, serverUrl

Response

Returns a new SAML service provider object.

ec-perl

syntax: $<object>->createSamlServiceProvider(<entityId>, <serverUrl>, {<optionals>});

Example

$ec->createSamlServiceProvider("https://www.okta.com/exkkti2t90xV5PvX50h7", "https://localhost", {enabled => "true", description => "SP for testing"});

ectool

syntax: ectool createSamlServiceProvider <entityId> <serverUrl> [optionals]

Example

ectool createSamlServiceProvider "https://www.okta.com/exkkti2t90xV5PvX50h7" "https://localhost" --enabled "true" --description "SP for testing"

deleteSamlIdentityProvider

Deletes a SAML identity provider.

You must specify the samlIdentityProviderName.

Arguments Descriptions

samlIdentityProviderName

The name of the SAML identity provider.

Argument Type: String

Positional arguments

samlIdentityProviderName

Response

None.

ec-perl

syntax: $<object>->deleteSamlIdentityProvider(<samlIdentityProviderName>);

Example

$ec->deleteSamlIdentityProvider({samlIdentityProviderName => "Okta"});

ectool

syntax: ectool deleteSamlIdentityProvider <samlIdentityProviderName>

Example

ectool deleteSamlIdentityProvider "OneLogin"

deleteSamlServiceProvider

Deletes a SAML service provider.

You must specify the samlServiceProviderName.

Arguments Descriptions

samlServiceProviderName

The name of the SAML service provider (usually URI).

Argument Type: String

Positional arguments

None.

Response

None.

ec-perl

syntax: $<object>->deleteSamlServiceProvider({<optionals>});

Example

$ec->deleteSamlServiceProvider({samlServiceProviderName => "Okta"});

ectool

syntax: ectool deleteSamlServiceProvider --samlServiceProviderName <samlServiceProviderName>

Example

ectool deleteSamlServiceProvider --samlServiceProviderName "OneLogin"

getSamlIdentityProvider

Retrieves a SAML identity provider by name.

You must specify the samlIdentityProviderName.

Arguments Descriptions

samlIdentityProviderName

The name of the SAML identity provider.

Argument Type: String

Positional arguments

samlIdentityProviderName

Response

Returns a SAML identity provider object.

ec-perl

syntax: $<object>->getSamlIdentityProvider(<samlIdentityProviderName>);

Example

$ec->getSamlIdentityProvider("Okta");

ectool

syntax: ectool getSamlIdentityProvider <samlIdentityProviderName>

Example

ectool getSamlIdentityProvider "OneLogin"

getSamlIdentityProviders

Retrieves all SAML identity providers.

Arguments Descriptions

Positional arguments

None.

Response

Returns all SAML identity provider objects.

ec-perl

syntax: $<object>->getSamlIdentityProviders();

Example

$ec->getSamlIdentityProviders();

ectool

syntax: ectool getSamlIdentityProviders

Example

ectool getSamlIdentityProviders

getSamlServiceProvider

Retrieves a SAML service provider by name.

You must specify samlServiceProviderName.

Arguments Descriptions

samlServiceProviderName

The name of the SAML service provider.

Argument Type: String

Positional arguments

None.

Response

Returns a SAML service provider object.

ec-perl

syntax: $<object>->getSamlServiceProvider({<optionals>});

Example

$ec->getSamlServiceProvider({samlServiceProviderName => "{PRODUCT} "});

ectool

syntax: ectool getSamlServiceProvider --samlServiceProviderName <samlServiceProviderName>

Example

ectool getSamlServiceProvider --samlServiceProviderName "{PRODUCT} "

getSamlServiceProviders

Retrieves all SAML service providers.

Arguments Descriptions

Positional arguments

None.

Response

Returns a list of SAML service provider objects.

ec-perl

syntax: $<object>->getSamlServiceProviders();

Example

$ec->getSamlServiceProviders();

ectool

syntax: ectool getSamlServiceProviders

Example

ectool getSamlServiceProviders

modifySamlIdentityProvider

Modifies an existing SAML identity provider.

You must specify the samlIdentityProviderName.

Arguments Descriptions

samlIdentityProviderName

The name of the SAML identity provider.

Argument Type: String

colorCode

(Optional) Color code to be associated with the identity provider.

Argument Type: String

description

(Optional) Comment text describing this object that is not interpreted at all by CloudBees CD/RO .

Argument Type: String

enabled

(Optional) If true, enables SAML identity provider.

Argument Type: Boolean

label

(Optional) Label used by UI to display the text (e.g. label for UI button).

Argument Type: String

metadata

(Optional) The metadata of the SAML identity provider.

Argument Type: String

newName

(Optional) New name for an existing object that is being renamed.

Argument Type: String

Positional arguments

samlIdentityProviderName

Response

Returns an updated SAML identity provider object.

ec-perl

syntax: $<object>->modifySamlIdentityProvider(<samlIdentityProviderName>, {<optionals>});

Example

$ec->modifySamlIdentityProvider("Okta", {colorCode => "red", label => "Test identity provider", description => "identity provider for authentication testing"});

ectool

syntax: ectool modifySamlIdentityProvider <samlIdentityProviderName> [optionals]

Example

ectool modifySamlIdentityProvider "OneLogin" --colorCode "red" --label "Test identity provider" --description "identity provider for authentication testing"

modifySamlServiceProvider

Modifies an existing SAML service provider.

You must specify the entityId and serverUrl.

Arguments Descriptions

entityId

Service provider entity ID (usually URI).

Argument Type: String

serverUrl

URL for the service provider host.

Argument Type: String

authnRequestsSigned

(Optional) Metadata will have AuthnRequestsSigned="true/false" in descriptor.

Argument Type: Boolean

enabled

(Optional) If true, enables SAML service provider.

Argument Type: Boolean

mdSigningPassphrase

(Optional) Passphrase use for service provider metadata signing private key.

Argument Type: String

mdSigningPrivateKey

(Optional) Service provider metadata signing private key (encoded in base64).

Argument Type: String

mdSigningPrivateKeyFile

(Optional) File containing the service provider metadata signing private key.

Argument Type: String

mdSigningPublicCertificate

(Optional) Service provider metadata signing public certificate (encoded in base64).

Argument Type: String

mdSigningPublicCertificateFile

(Optional) File containing the service provider metadata signing public certificate.

Argument Type: String

nameIdFormat

(Optional) NameID format like urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.

Argument Type: String

passphrase

(Optional) Passphrase to use for service provider private key.

Argument Type: String

privateKey

Service provider private key (encoded in base64).

Argument Type: String

privateKeyFile

(Optional) File containing the service provider private key.

Argument Type: String

publicCertificate

Service provider’s public certificate (encoded in base64).

Argument Type: String

publicCertificateFile

(Optional) File containing the service provider’s public certificate.

Argument Type: String

samlServiceProviderName

(Optional) The name of the SAML service provider.

Argument Type: String

wantAssertionsSigned

(Optional) Metadata will have WantAssertionsSigned="true/false" in descriptor.

Argument Type: Boolean

Positional arguments

entityId, serverUrl.

Response

Returns an updated SAML service provider object.

ec-perl

syntax: $<object>->modifySamlServiceProvider(<entityId>, <serverUrl>, {<optionals>});

Example

$ec->modifySamlServiceProvider("DomainA.com", "https://localhost", {enabled => "false"});

ectool

syntax: ectool modifySamlServiceProvider <entityId> <serverUrl> [optionals]

Example

ectool modifySamlServiceProvider "DomainA.com" "https://localhost" --enabled "false"

setSsoConfiguration

Sets the SSO server configuration.

You must specify enableSsoKerberos or enableSsoSaml.

Arguments Descriptions

enableSsoKerberos

(Optional) Enable or disable SSO Kerberos.

Argument Type: Boolean

enableSsoSaml

(Optional) Enable or disable SSO SAML.

Argument Type: Boolean

Positional arguments

None.

Response

None.

ec-perl

syntax: $<object>->setSsoConfiguration({<optionals>});

Example

$ec->setSsoConfiguration({enableSsoKerberos => "true"});

ectool

syntax: ectool setSsoConfiguration [optionals]

Example

ectool setSsoConfiguration --enableSsoSaml "true"