/** * authentik * Making authentication simple. * * The version of the OpenAPI document: 2026.2.3-rc1 * Contact: hello@goauthentik.io * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ import type { DigestAlgorithmEnum } from './DigestAlgorithmEnum'; import type { SignatureAlgorithmEnum } from './SignatureAlgorithmEnum'; import type { SAMLNameIDPolicyEnum } from './SAMLNameIDPolicyEnum'; import type { SAMLLogoutMethods } from './SAMLLogoutMethods'; import type { SAMLBindingsEnum } from './SAMLBindingsEnum'; /** * SAMLProvider Serializer * @export * @interface PatchedSAMLProviderRequest */ export interface PatchedSAMLProviderRequest { /** * * @type {string} * @memberof PatchedSAMLProviderRequest */ name?: string; /** * Flow used for authentication when the associated application is accessed by an un-authenticated user. * @type {string} * @memberof PatchedSAMLProviderRequest */ authenticationFlow?: string | null; /** * Flow used when authorizing this provider. * @type {string} * @memberof PatchedSAMLProviderRequest */ authorizationFlow?: string; /** * Flow used ending the session from a provider. * @type {string} * @memberof PatchedSAMLProviderRequest */ invalidationFlow?: string; /** * * @type {Array} * @memberof PatchedSAMLProviderRequest */ propertyMappings?: Array; /** * * @type {string} * @memberof PatchedSAMLProviderRequest */ acsUrl?: string; /** * Single Logout Service URL where the logout response should be sent. * @type {string} * @memberof PatchedSAMLProviderRequest */ slsUrl?: string; /** * Value of the audience restriction field of the assertion. When left empty, no audience restriction will be added. * @type {string} * @memberof PatchedSAMLProviderRequest */ audience?: string; /** * Also known as EntityID * @type {string} * @memberof PatchedSAMLProviderRequest */ issuer?: string; /** * Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3). * @type {string} * @memberof PatchedSAMLProviderRequest */ assertionValidNotBefore?: string; /** * Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3). * @type {string} * @memberof PatchedSAMLProviderRequest */ assertionValidNotOnOrAfter?: string; /** * Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3). * @type {string} * @memberof PatchedSAMLProviderRequest */ sessionValidNotOnOrAfter?: string; /** * Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be considered * @type {string} * @memberof PatchedSAMLProviderRequest */ nameIdMapping?: string | null; /** * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate. * @type {string} * @memberof PatchedSAMLProviderRequest */ authnContextClassRefMapping?: string | null; /** * * @type {DigestAlgorithmEnum} * @memberof PatchedSAMLProviderRequest */ digestAlgorithm?: DigestAlgorithmEnum; /** * * @type {SignatureAlgorithmEnum} * @memberof PatchedSAMLProviderRequest */ signatureAlgorithm?: SignatureAlgorithmEnum; /** * Keypair used to sign outgoing Responses going to the Service Provider. * @type {string} * @memberof PatchedSAMLProviderRequest */ signingKp?: string | null; /** * When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. * @type {string} * @memberof PatchedSAMLProviderRequest */ verificationKp?: string | null; /** * When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key. * @type {string} * @memberof PatchedSAMLProviderRequest */ encryptionKp?: string | null; /** * * @type {boolean} * @memberof PatchedSAMLProviderRequest */ signAssertion?: boolean; /** * * @type {boolean} * @memberof PatchedSAMLProviderRequest */ signResponse?: boolean; /** * * @type {boolean} * @memberof PatchedSAMLProviderRequest */ signLogoutRequest?: boolean; /** * This determines how authentik sends the response back to the Service Provider. * @type {SAMLBindingsEnum} * @memberof PatchedSAMLProviderRequest */ spBinding?: SAMLBindingsEnum; /** * This determines how authentik sends the logout response back to the Service Provider. * @type {SAMLBindingsEnum} * @memberof PatchedSAMLProviderRequest */ slsBinding?: SAMLBindingsEnum; /** * Method to use for logout. Front-channel iframe loads all logout URLs simultaneously in hidden iframes. Front-channel native uses your active browser tab to send post requests and redirect to providers. Back-channel sends logout requests directly from the server without user interaction (requires POST SLS binding). * @type {SAMLLogoutMethods} * @memberof PatchedSAMLProviderRequest */ logoutMethod?: SAMLLogoutMethods; /** * Default relay_state value for IDP-initiated logins * @type {string} * @memberof PatchedSAMLProviderRequest */ defaultRelayState?: string; /** * * @type {SAMLNameIDPolicyEnum} * @memberof PatchedSAMLProviderRequest */ defaultNameIdPolicy?: SAMLNameIDPolicyEnum; } /** * Check if a given object implements the PatchedSAMLProviderRequest interface. */ export declare function instanceOfPatchedSAMLProviderRequest(value: object): value is PatchedSAMLProviderRequest; export declare function PatchedSAMLProviderRequestFromJSON(json: any): PatchedSAMLProviderRequest; export declare function PatchedSAMLProviderRequestFromJSONTyped(json: any, ignoreDiscriminator: boolean): PatchedSAMLProviderRequest; export declare function PatchedSAMLProviderRequestToJSON(json: any): PatchedSAMLProviderRequest; export declare function PatchedSAMLProviderRequestToJSONTyped(value?: PatchedSAMLProviderRequest | null, ignoreDiscriminator?: boolean): any; //# sourceMappingURL=PatchedSAMLProviderRequest.d.ts.map