Reference: RESTful services
Use this information to troubleshoot issues when you use the client facade, or to develop your own SAML 2.0 implementation with the IdP server provided by HCL®.
The REST APIs are implemented using an XML data payload. The SAML assertion is directly passed to the POST methods with digital signatures.
Only the POST method is supported for all verbs to ensure unified method access and to enforce security assertions, based on the XML payload. Other methods, such as GET, PUT, and DELETE, return an error message. The following table represents the verbs that implement the supported use cases.
Resource | Post |
---|---|
<idp>/saml/token/clientId/forUserId/spId/create |
Generate new SAML token. |
<idp>/saml/token/clientId/forUserId/spId/validate |
Validate existing SAML token. |
<idp>/saml/token/clientId/forUserId/spId/delete |
Delete existing SAML token. |