/**
 * authentik
 * Making authentication simple.
 *
 * The version of the OpenAPI document: 2025.6.3
 * Contact: hello@goauthentik.io
 *
 * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
 * https://openapi-generator.tech
 * Do not edit the class manually.
 */
import type { DigestAlgorithmEnum } from './DigestAlgorithmEnum';
import type { SignatureAlgorithmEnum } from './SignatureAlgorithmEnum';
import type { SpBindingEnum } from './SpBindingEnum';
/**
 * SAMLProvider Serializer
 * @export
 * @interface SAMLProviderRequest
 */
export interface SAMLProviderRequest {
    /**
     *
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    name: string;
    /**
     * Flow used for authentication when the associated application is accessed by an un-authenticated user.
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    authenticationFlow?: string | null;
    /**
     * Flow used when authorizing this provider.
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    authorizationFlow: string;
    /**
     * Flow used ending the session from a provider.
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    invalidationFlow: string;
    /**
     *
     * @type {Array<string>}
     * @memberof SAMLProviderRequest
     */
    propertyMappings?: Array<string>;
    /**
     *
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    acsUrl: string;
    /**
     * Value of the audience restriction field of the assertion. When left empty, no audience restriction will be added.
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    audience?: string;
    /**
     * Also known as EntityID
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    issuer?: string;
    /**
     * Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3).
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    assertionValidNotBefore?: string;
    /**
     * Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    assertionValidNotOnOrAfter?: string;
    /**
     * Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    sessionValidNotOnOrAfter?: string;
    /**
     * Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be considered
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    nameIdMapping?: string | null;
    /**
     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    authnContextClassRefMapping?: string | null;
    /**
     *
     * @type {DigestAlgorithmEnum}
     * @memberof SAMLProviderRequest
     */
    digestAlgorithm?: DigestAlgorithmEnum;
    /**
     *
     * @type {SignatureAlgorithmEnum}
     * @memberof SAMLProviderRequest
     */
    signatureAlgorithm?: SignatureAlgorithmEnum;
    /**
     * Keypair used to sign outgoing Responses going to the Service Provider.
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    signingKp?: string | null;
    /**
     * When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    verificationKp?: string | null;
    /**
     * When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key.
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    encryptionKp?: string | null;
    /**
     *
     * @type {boolean}
     * @memberof SAMLProviderRequest
     */
    signAssertion?: boolean;
    /**
     *
     * @type {boolean}
     * @memberof SAMLProviderRequest
     */
    signResponse?: boolean;
    /**
     * This determines how authentik sends the response back to the Service Provider.
     * @type {SpBindingEnum}
     * @memberof SAMLProviderRequest
     */
    spBinding?: SpBindingEnum;
    /**
     * Default relay_state value for IDP-initiated logins
     * @type {string}
     * @memberof SAMLProviderRequest
     */
    defaultRelayState?: string;
}
/**
 * Check if a given object implements the SAMLProviderRequest interface.
 */
export declare function instanceOfSAMLProviderRequest(value: object): value is SAMLProviderRequest;
export declare function SAMLProviderRequestFromJSON(json: any): SAMLProviderRequest;
export declare function SAMLProviderRequestFromJSONTyped(json: any, ignoreDiscriminator: boolean): SAMLProviderRequest;
export declare function SAMLProviderRequestToJSON(json: any): SAMLProviderRequest;
export declare function SAMLProviderRequestToJSONTyped(value?: SAMLProviderRequest | null, ignoreDiscriminator?: boolean): any;
//# sourceMappingURL=SAMLProviderRequest.d.ts.map