We've developped and we're running a Perl Command Line Interface (CLI)
script to add a SAML Service Provider using CreateSAMLServiceProvider
method. We'd like to know how to set the EnableAuthnRequestPost
property. Is there a way to do this ?
We've followed this documentation to implement our script :
CLI Affiliate Domain Methods
SAML 2.0 Property Reference
Policy Server 12.8SP4 on RedHat 7
At first glance, the Method CreateSAMLServiceProvider is for Legacy
Affiliate Domains, and not for SAML Partnership. Perl CLI is limited
to only the Legacy Affiliate Objects.
Perl CLI method to manage federation partnerships
The partnership functionality has not been added to any API.
The Attribute you're looking to add to the Legacy Affilicate Domain,
is a Partnership attribute, not an Affiliate Domain one :
CA SSO : R12.52 - Supported Auth Requests (for Affiliate Domain)?
Post Binding Authentication Request (in Affiliate Domain) is not
supported by any means.
As such, in order to benefit from that EnableAuthnRequestPost
property, you have to move the Legacy Affiliate configuration to a
Partnership one, and you should need to use another programming
interface as the REST API :
Policy Object REST APIs
Policy Data API - Federation Objects