Add SAML Settings for Prisma Cloud Compute
POST/api/v31.02/settings/saml
x-prisma-cloud-target-env: {"permission":"authConfiguration","saas":false,"self-hosted":true}
x-public: true
Configures the SAML settings that is used to authenticate to the Prisma Cloud Compute.
For more information, see Okta via SAML 2.0, G Suite via SAML, Azure AD via SAML, PingFederate via SAML, and ADFS via SAML.
cURL Request
Refer to the following example cURL request that uses the basic auth to set up and enable the SAML integration with Prisma Cloud Compute:
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
-d '{
"enabled": true,
"url": "https://my-adfs-server.twistlock.com/adfs/SSO",
"cert": "<CERTIFICATE>",
"issuer": "https://my-adfs-server.twistlock.com/adfs/services/trust",
"type": "adfs",
"audience": "twistlock",
"appId": "",
"tenantId": "",
"appSecret": {
"encrypted": ""
}
}' \
"https://<CONSOLE>/api/v<VERSION>/settings/saml"
Request
- application/json
Body
AppID is the Azure application ID.
appSecret object
Secret Stores the plain and encrypted version of a value. The plain version is not stored in a database
Specifies an encrypted value of the secret.
Specifies the plain text value of the secret.
Audience specifies the SAML audience used in the verification of the SAML response.
Cert is idp certificate in PEM format.
ConsoleURL is the external Console URL that is used by the IDP for routing the browser after login.
Enabled indicates whether saml settings are enabled.
GroupAttribute is the name of the group attribute.
Issuer is idp issuer id.
ProviderAlias is the provider alias used for display.
SkipAuthnContext indicates whether request authentication contexts should be skipped.
TenantID is the Azure Tenant ID.
Possible values: [okta,gsuite,ping,shibboleth,azure,adfs]
SamlType represents the type of a SAML configured settings
URL is idp sso url.
Responses
- 200
- default
OK