create-saml-provider

subtitle

Creates a SAML provider in CDP.

version

0.9.128

Description

Creates a SAML provider in CDP.

Synopsis

  create-saml-provider
--saml-provider-name <value>
[--saml-metadata-document <value>]
[--sync-groups-on-login | --no-sync-groups-on-login]
[--generate-workload-username-by-email | --no-generate-workload-username-by-email]
[--enable-scim | --no-enable-scim]
[--cli-input-json <value>]
[--generate-cli-skeleton]

Options

--saml-provider-name (string)

The name of SAML provider. The name must be unique, must have a maximum of 128 characters, and must contain only alphanumeric characters, “-” and “_”. Names are are not case-sensitive.

--saml-metadata-document (string)

SAML metadata document XML file. Length of meta data document cannot be more than 200 KB (200,000 bytes).

--sync-groups-on-login | --no-sync-groups-on-login (boolean)

Whether to sync group information for users federated with this SAML provider. Group membership can be passed using the https://cdp.cloudera.com/SAML/Attributes/groups SAML assertion. The default is to synchronize group membership.

--generate-workload-username-by-email | --no-generate-workload-username-by-email (boolean)

Whether to generate users’ workload username by email . The default is to generate workload usernames by identity provider user ID (SAML NameID).

--enable-scim | --no-enable-scim (boolean)

Whether to enable SCIM on this SAML provider. System for Cross-domain Identity Management (SCIM) version 2.0 is a standard for automating the provisioning of user and group identity information from identity provider to CDP. It is not supported for Cloudera for Government.

Form Factors: public

--cli-input-json (string)

Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values.

--generate-cli-skeleton (boolean)

Prints a sample input JSON to standard output. Note the specified operation is not run if this argument is specified. The sample input can be used as an argument for --cli-input-json.

Output

samlProvider -> (object)

Information used to connect a CDP account to an external identity provider.

crn -> (string)

CRN of the SAML provider in CDP.

creationDate -> (datetime)

The date when this SAML provider record was created.

samlProviderName -> (string)

Name of the SAML provider.

samlProviderId -> (string)

The unique ID of the saml provider.

syncGroupsOnLogin -> (boolean)

Whether users federated with this SAML provider will have their group membership synchronized. Group membership can be passed using the https://cdp.cloudera.com/SAML/Attributes/groups SAML assertion.

generateWorkloadUsernameByEmail -> (boolean)

Whether to generate users’ workload username by email or by identity provider user ID (SAML NameID).

enableScim -> (boolean)

Whether SCIM is enabled on this SAML provider. System for Cross-domain Identity Management (SCIM) version 2.0 is a standard for automating the provisioning of user and group identity information from identity provider to CDP. It is omitted for Cloudera for Government.

Form Factors: public

scimUrl -> (string)

The SCIM URL if SCIM is enabled. It is omitted for Cloudera for Government.

samlMetadataDocument -> (string)

The original metadata that was passed while creating the SAML provider connector. This field will not be set when the SAML provider does not have metadata. This field will not be set for list-saml-providers API response.

cdpSpMetadata -> (string)

The Service Provider SAML metadata specific to this CDP SAML provider. This field will only be set for create-saml-provider and describe-saml-provider API calls.

Form Factors

public, private