Returns the metadata required to configure SSO integrations.
Request: GET https://api-<DNS.edge.url>/v1/api/ssoIntegrations/metadata Authorization: Bearer authentication token
Response
200 OK Content-Type: application/xml <EntityDescriptor entityID="urn:auth0:<tenant-domain>:<connectionName>" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"> <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate><X509SigningCertification></ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </KeyDescriptor> <KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate><X509SigningCertification></ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </KeyDescriptor> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://<tenant-domain>/logout"/> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<tenant-domain>/logout"/> <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<tenant-domain>/login/callback?connection=<connectionName>" index="0" isDefault="true"/> </SPSSODescriptor> </EntityDescriptor>
Successful response code:
- OK - Successful request
Possible error codes:
- UNAUTHORIZED - Invalid access token
- INTERNAL SERVER ERROR - Unexpected error