IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
SAML service provider metadata API
editSAML service provider metadata API
editGenerate SAML metadata for a SAML 2.0 Service Provider.
Request
editGET /_security/saml/metadata/<realm_name>
Description
editThe SAML 2.0 specification provides a mechanism for Service Providers to describe their capabilities and configuration using a metadata file. This API generates Service Provider metadata, based on the configuration of a SAML realm in Elasticsearch.
Path parameters
edit-
<realm_name>
- (Required, string) The name of the SAML realm in Elasticsearch.
Response body
edit-
metadata
- (string) An XML string that contains a SAML Service Provider’s metadata for the realm.
Examples
editThe following example generates Service Provider metadata for
SAML realm saml1
:
GET /_security/saml/metadata/saml1
The API returns the following response containing the SAML metadata as an XML string:
{ "metadata" : "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" entityID=\"https://kibana.org\"><md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"true\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://kibana.org/logout\"/><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://kibana.org/api/security/saml/callback\" index=\"1\" isDefault=\"true\"/></md:SPSSODescriptor></md:EntityDescriptor>" }