apm sso saml-sp-automation
apm sso saml-sp-automation(1) BIG-IP TMSH Manual apm sso saml-sp-automation(1)
NAME
saml-sp-automation - Specify SAML SP connector automation configuration used to automate creation and
management of 'SP Connectors' from the remotely published metadata file(s).
MODULE
apm sso
SYNTAX
Configure the saml-sp-automation component within the sso module using the syntax shown in the following
sections.
CREATE/MODIFY
create saml-sp-automation [name]
modify saml-sp-automation [name]
options:
app-service [[string] | none]
description [[string] | none]
dns-resolver-name [string]
frequency [integer]
metadata-urls [add | delete | modify | none | replace-all-with] {
name [string] {
url-value [string]
}
}
serverssl-profile-name [[string] | none]
sp-obj-name-tag [string]
sso-config-saml [string]
edit saml-sp-automation [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list saml-sp-automation
list saml-sp-automation [ [ [name] | [glob] | [regex] ] ... ]
show running-config saml-sp-automation
show running-config saml-sp-automation [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete saml-sp-automation [name]
DESCRIPTION
You can use saml-sp-automation to create and manage SAML SP automation objects that are used to create,
modify, and delete 'SP Connectors' from the remotely published metadata files.
EXAMPLES
create saml-sp-automation my_sp_automation { metadata-urls add { f5 { url-value https://f5.com/metadata.xml }
} dns-resolver-name . sso-config-saml my_saml_idp serverssl-profile-name serverssl } Creates SAML SP
automation object named my_sp_automation bound to a SAML IdP service my_saml_idp with frequency set to 60
minutes with one entry for metadata-url as https://f5.com/metadata.xml, dns-resolver-name as . and serverssl-
profile-name as serverssl.
list saml-sp-automation
Displays a list of SAML SP automation objects.
delete saml-sp-automation my_sp_automation
Deletes the my_sp_automation SAML SP automation object.
OPTIONS
app-service
Specifies the name of the application service to which the object belongs. The default value is none.
Note: If the strict-updates option is enabled on the application service that owns the object, you cannot
modify or delete the object. Only the application service can modify or delete the object.
description
Specifies the description for the IdP automation object.
dns-resolver-name
Specifies the DNS resolver object to be used for connecting to servers hosting metadata file(s).
frequency
The frequency in minutes at which APM polls the SP metadata files and updates the SP connectors and
bindings to the specified SSO SAML server. The default value is 60.
metadata-urls
Specifies a list of one or more URLs containing the metadata files.
serverssl-profile-name
Specifies the SSL profile to be used by the BIG-IP system when connecting to the server hosting metadata
file(s).
sp-obj-name-tag
Specifies the name of a tag within the metadata file that contains a value that APM includes in the names
of the created SP connectors. If no value is specified, entityID from metadata is used as part of created
SP connector name.
sso-config-saml
Specifies the SSO SAML server to which the SP connectors created by this automation are bound.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2017. All rights reserved.
BIG-IP 2017-10-30 apm sso saml-sp-automation(1)