files.com
Version:
Files.com SDK for JavaScript
149 lines (126 loc) • 6.81 kB
Markdown
# SsoStrategy
## Example SsoStrategy Object
```
{
"protocol": "oauth2",
"provider": "okta",
"label": "My Corporate SSO Provider",
"logo_url": "https://mysite.files.com/.../logo.png",
"id": 1,
"user_count": 1,
"saml_provider_cert_fingerprint": "example",
"saml_provider_issuer_url": "example",
"saml_provider_metadata_content": "example",
"saml_provider_metadata_url": "example",
"saml_provider_slo_target_url": "example",
"saml_provider_sso_target_url": "example",
"scim_authentication_method": "example",
"scim_username": "example",
"scim_oauth_access_token": "example",
"scim_oauth_access_token_expires_at": "example",
"subdomain": "my-site",
"provision_users": true,
"provision_groups": true,
"deprovision_users": true,
"deprovision_groups": true,
"deprovision_behavior": "disable",
"provision_group_default": "Employees",
"provision_group_exclusion": "Employees",
"provision_group_inclusion": "Employees",
"provision_group_required": "example",
"provision_email_signup_groups": "Employees",
"provision_readonly_site_admin_groups": "Employees",
"provision_site_admin_groups": "Employees",
"provision_group_admin_groups": "Employees",
"provision_attachments_permission": true,
"provision_dav_permission": true,
"provision_ftp_permission": true,
"provision_sftp_permission": true,
"provision_time_zone": "Eastern Time (US & Canada)",
"provision_company": "ACME Corp.",
"provision_require_2fa": "always_require",
"provider_identifier": "",
"ldap_base_dn": "example",
"ldap_domain": "mysite.com",
"enabled": true,
"ldap_host": "ldap.site.com",
"ldap_host_2": "ldap2.site.com",
"ldap_host_3": "ldap3.site.com",
"ldap_port": 1,
"ldap_secure": true,
"ldap_username": "[ldap username]",
"ldap_username_field": "sAMAccountName"
}
```
* `protocol` (string): SSO Protocol
* `provider` (string): Provider name
* `label` (string): Custom label for the SSO provider on the login page.
* `logo_url` (string): URL holding a custom logo for the SSO provider on the login page.
* `id` (int64): ID
* `user_count` (int64): Count of users with this SSO Strategy
* `saml_provider_cert_fingerprint` (string): Identity provider sha256 cert fingerprint if saml_provider_metadata_url is not available.
* `saml_provider_issuer_url` (string): Identity provider issuer url
* `saml_provider_metadata_content` (string): Custom identity provider metadata
* `saml_provider_metadata_url` (string): Metadata URL for the SAML identity provider
* `saml_provider_slo_target_url` (string): Identity provider SLO endpoint
* `saml_provider_sso_target_url` (string): Identity provider SSO endpoint if saml_provider_metadata_url is not available.
* `scim_authentication_method` (string): SCIM authentication type.
* `scim_username` (string): SCIM username.
* `scim_oauth_access_token` (string): SCIM OAuth Access Token.
* `scim_oauth_access_token_expires_at` (string): SCIM OAuth Access Token Expiration Time.
* `subdomain` (string): Subdomain
* `provision_users` (boolean): Auto-provision users?
* `provision_groups` (boolean): Auto-provision group membership based on group memberships on the SSO side?
* `deprovision_users` (boolean): Auto-deprovision users?
* `deprovision_groups` (boolean): Auto-deprovision group membership based on group memberships on the SSO side?
* `deprovision_behavior` (string): Method used for deprovisioning users.
* `provision_group_default` (string): Comma-separated list of group names for groups to automatically add all auto-provisioned users to.
* `provision_group_exclusion` (string): Comma-separated list of group names for groups (with optional wildcards) that will be excluded from auto-provisioning.
* `provision_group_inclusion` (string): Comma-separated list of group names for groups (with optional wildcards) that will be auto-provisioned.
* `provision_group_required` (string): Comma or newline separated list of group names (with optional wildcards) to require membership for user provisioning.
* `provision_email_signup_groups` (string): Comma-separated list of group names whose members will be created with email_signup authentication.
* `provision_readonly_site_admin_groups` (string): Comma-separated list of group names whose members will be created as Read-Only Site Admins.
* `provision_site_admin_groups` (string): Comma-separated list of group names whose members will be created as Site Admins.
* `provision_group_admin_groups` (string): Comma-separated list of group names whose members will be provisioned as Group Admins.
* `provision_attachments_permission` (boolean):
* `provision_dav_permission` (boolean): Auto-provisioned users get WebDAV permission?
* `provision_ftp_permission` (boolean): Auto-provisioned users get FTP permission?
* `provision_sftp_permission` (boolean): Auto-provisioned users get SFTP permission?
* `provision_time_zone` (string): Default time zone for auto provisioned users.
* `provision_company` (string): Default company for auto provisioned users.
* `provision_require_2fa` (string): 2FA required setting for auto provisioned users.
* `provider_identifier` (string): URL-friendly, unique identifier for Azure SAML configuration
* `ldap_base_dn` (string): Base DN for looking up users in LDAP server
* `ldap_domain` (string): Domain name that will be appended to LDAP usernames
* `enabled` (boolean): Is strategy enabled? This may become automatically set to `false` after a high number and duration of failures.
* `ldap_host` (string): LDAP host
* `ldap_host_2` (string): LDAP backup host
* `ldap_host_3` (string): LDAP backup host
* `ldap_port` (int64): LDAP port
* `ldap_secure` (boolean): Use secure LDAP?
* `ldap_username` (string): Username for signing in to LDAP server.
* `ldap_username_field` (string): LDAP username field
---
## List SSO Strategies
```
await SsoStrategy.list
```
### Parameters
* `cursor` (string): Used for pagination. When a list request has more records available, cursors are provided in the response headers `X-Files-Cursor-Next` and `X-Files-Cursor-Prev`. Send one of those cursor value here to resume an existing list from the next available record. Note: many of our SDKs have iterator methods that will automatically handle cursor-based pagination.
* `per_page` (int64): Number of records to show per page. (Max: 10,000, 1,000 or less is recommended).
* `sort_by` (object): If set, sort records by the specified field in either `asc` or `desc` direction. Valid fields are .
---
## Show SSO Strategy
```
await SsoStrategy.find(id)
```
### Parameters
* `id` (int64): Required - Sso Strategy ID.
---
## Synchronize provisioning data with the SSO remote server
```
const sso_strategy = await SsoStrategy.find(id)
await sso_strategy.sync()
```
### Parameters
* `id` (int64): Required - Sso Strategy ID.