Skip to main content
Version: 7.2405.x.x LTS

samlFederationDetailLevel

If samlFederationDetailLevel is set, the response can contain the following information:

  • EXCLUDE: No saml federation information is returned.
  • LOW:
    • userExtId
    • credentialExtId
    • state
  • MEDIUM: All elements from the LOW detail level plus:
    • subjectNameId
    • subjectNameIdFormat
    • issuerNameId
    • issuerNameIdFormat
  • HIGH: All elements from the MEDIUM detail level plus:
    • ctlCreUid
    • ctlCreDat
    • ctlModUid
    • ctlModDat
    • ctlTcn

The following detail levels can be useful in combination with samlFederationDetailLevel:

  • credentialDetailLevel
  • defaultDetailLevel

Example of a request and response with samlFederationDetailLevel set to MEDIUM:

Request:

<v1:queryCredentials>
  <query>
    <clientName>Default</clientName>
    <detailLevels>
      <credentialDetailLevel>MEDIUM</credentialDetailLevel>
      <samlFederationDetailLevel>MEDIUM</samlFederationDetailLevel>
    </detailLevels>
    <credential>
      <type>SAML_FEDERATION</type>
      <userExtId>240000024</userExtId>
    </credential>
  </query>
</v1:queryCredentials>

Response:

<ns2:queryCredentialsResponse
        xmlns:ns2="http://adnovum.ch/nevisidm/ws/services/v1">
  <return>
    <userExtId>240000024</userExtId>
    <state>ACTIVE</state>
    <type>SAML_FEDERATION</type>
    <lastChange>2024-05-17T13:24:29.000+02:00</lastChange>
    <validFrom>2024-05-16T13:24:29.000+02:00</validFrom>
    <validTo>2024-05-18T13:24:29.000+02:00</validTo>
    <failureCount>0</failureCount>
    <successCount>0</successCount>
    <resetCount>0</resetCount>
    <value>{SSHA256}Pm3+1jeRcE8K4cnFByvGHwJsLXf1RNiWBnJnSwh366DYidNfYBn/FaSu</value>
    <extId>240000024</extId>
    <policyName>Default SAML Federation policy</policyName>
    <policyExtId>99990044</policyExtId>
    <samlFederation>
      <userExtId>240000024</userExtId>
      <credentialExtId>240000024</credentialExtId>
      <state>ACTIVE</state>
      <subjectNameId>auditTestForDelete</subjectNameId>
      <subjectNameIdFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</subjectNameIdFormat>
      <issuerNameId>auditTestForDelete</issuerNameId>
      <issuerNameIdFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</issuerNameIdFormat>
    </samlFederation>
  </return>
</ns2:queryCredentialsResponse>