ALIYUN::CloudSSO::SAMLIdentityProvider is used to configure the information about a Security Assertion Markup Language (SAML) identity provider (IdP).
Syntax
{
  "Type": "ALIYUN::CloudSSO::SAMLIdentityProvider",
  "Properties": {
    "EntityId": String,
    "SSOStatus": String,
    "DirectoryId": String,
    "EncodedMetadataDocument": String,
    "WantRequestSigned": Boolean,
    "LoginUrl": String,
    "X509Certificate": String
  }
}
Properties
Property | Type | Required | Editable | Description | Constraint |
EntityId | String | No | No | The entity ID of the IdP. | None. |
SSOStatus | String | No | No | The status of single sign-on (SSO) logon. | Valid values: |
DirectoryId | String | Yes | No | The directory ID. | None. |
EncodedMetadataDocument | String | No | No | The metadata file of the IdP. The value of this property is Base64-encoded. | The file is provided by the IdP that supports SAML 2.0. |
WantRequestSigned | Boolean | No | No | Specifies whether CloudSSO needs to sign SAML requests. The requests are sent when users log on to the CloudSSO user portal to initiate SAML-based SSO. | Valid values: |
LoginUrl | String | No | No | The logon URL of the IdP. | None. |
X509Certificate | String | No | No | The X.509 certificate in the Privacy Enhanced Mail (PEM) format. | If you specify this property, all existing certificates are replaced. |
Return values
Fn::GetAtt
None.
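The following is an added example, not part of the original reference or Alibaba Cloud's own code: it derives the property values described above from an IdP's SAML 2.0 metadata, Base64-encoding the document for EncodedMetadataDocument and wrapping the certificate in PEM for X509Certificate. The metadata, the `idp.example.com` URLs, the directory ID and the HTTPS check are constructed assumptions; SSOStatus is left out because this page lists no valid values for it.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder bytes stand in for a real DER certificate.
SAMPLE_CERT_B64 = base64.b64encode(b"constructed-placeholder-certificate" * 4).decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://idp.example.com/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{SAMPLE_CERT_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Location="https://idp.example.com/sso"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def to_pem(cert_b64):
    """Wrap the bare Base64 certificate from the metadata in PEM armor."""
    body = "".join(cert_b64.split())
    base64.b64decode(body, validate=True)  # fail early on non-Base64 content
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    return "\n".join(["-----BEGIN CERTIFICATE-----", *lines, "-----END CERTIFICATE-----"])


def build_resource(metadata_xml, directory_id, want_request_signed=True):
    """Return the resource definition as a dict ready for json.dumps()."""
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    sso = idp.find("md:SingleSignOnService", NS) if idp is not None else None
    cert = idp.find(".//ds:X509Certificate", NS) if idp is not None else None
    if sso is None or cert is None:
        raise ValueError("metadata lacks an IdP SSO endpoint or signing certificate")
    login_url = sso.get("Location", "")
    if not login_url.startswith("https://"):  # added sanity check, not a documented constraint
        raise ValueError("refusing a non-HTTPS logon URL: " + login_url)
    return {"Type": "ALIYUN::CloudSSO::SAMLIdentityProvider",
            "Properties": {
                "DirectoryId": directory_id,
                "EntityId": root.get("entityID"),
                "LoginUrl": login_url,
                "X509Certificate": to_pem(cert.text),
                "EncodedMetadataDocument": base64.b64encode(metadata_xml.encode()).decode(),
                "WantRequestSigned": want_request_signed}}
```

Place the returned dict under a logical name in the `Resources` section of a template. Because X509Certificate replaces all existing certificates, check the PEM value against the IdP's current signing certificate before updating a stack.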