Summary

The setLoginBridge() GraphQL mutation is used to set the login bridge.

API Stability Long-Term

Syntax

graphql
setLoginBridge(
      input: LoginBridgeInput!
   ): LoginBridge!

For the input, you'll have to give the login bridge information, such as the login URL, the SAML identity. See the Input Parameters for the parameters and details.

For the results, you can get the login URL, the response from SAML, and the relay state. See the Returned Values for what's available.

Example

Raw
graphql
mutation {
  setLoginBridge( input:
    { name: "my-bridge",
      description: "My Login Bridge",
      issuer: "toll-taker",
      remoteId: "over-there-123",
      loginUrl: "https://bridge.company.com",
      relayStateUrl: "https://state.company.com",
      samlEntityId: "abc123",
      privateSamlCertificate: "something",
      publicSamlCertificate: "something",
      allowedUsers: ["bob", "ted"],
      groupAttribute: "something",
      groups: ["sales","managers"],
      organizationIdAttributeName: "something",
      generateUserName: false,
      termsDescription: "Terms of Login",
      termsLink: "https://bridge.company.com/terms.page"
    } 
  )
  { remoteId }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  setLoginBridge( input:
    { name: \"my-bridge\",
      description: \"My Login Bridge\",
      issuer: \"toll-taker\",
      remoteId: \"over-there-123\",
      loginUrl: \"https://bridge.company.com\",
      relayStateUrl: \"https://state.company.com\",
      samlEntityId: \"abc123\",
      privateSamlCertificate: \"something\",
      publicSamlCertificate: \"something\",
      allowedUsers: [\"bob\", \"ted\"],
      groupAttribute: \"something\",
      groups: [\"sales\",\"managers\"],
      organizationIdAttributeName: \"something\",
      generateUserName: false,
      termsDescription: \"Terms of Login\",
      termsLink: \"https://bridge.company.com/terms.page\"
    } 
  )
  { remoteId }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  setLoginBridge( input:
    { name: \"my-bridge\",
      description: \"My Login Bridge\",
      issuer: \"toll-taker\",
      remoteId: \"over-there-123\",
      loginUrl: \"https://bridge.company.com\",
      relayStateUrl: \"https://state.company.com\",
      samlEntityId: \"abc123\",
      privateSamlCertificate: \"something\",
      publicSamlCertificate: \"something\",
      allowedUsers: [\"bob\", \"ted\"],
      groupAttribute: \"something\",
      groups: [\"sales\",\"managers\"],
      organizationIdAttributeName: \"something\",
      generateUserName: false,
      termsDescription: \"Terms of Login\",
      termsLink: \"https://bridge.company.com/terms.page\"
    } 
  )
  { remoteId }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  setLoginBridge( input: ^
    { name: \"my-bridge\", ^
      description: \"My Login Bridge\", ^
      issuer: \"toll-taker\", ^
      remoteId: \"over-there-123\", ^
      loginUrl: \"https://bridge.company.com\", ^
      relayStateUrl: \"https://state.company.com\", ^
      samlEntityId: \"abc123\", ^
      privateSamlCertificate: \"something\", ^
      publicSamlCertificate: \"something\", ^
      allowedUsers: [\"bob\", \"ted\"], ^
      groupAttribute: \"something\", ^
      groups: [\"sales\",\"managers\"], ^
      organizationIdAttributeName: \"something\", ^
      generateUserName: false, ^
      termsDescription: \"Terms of Login\", ^
      termsLink: \"https://bridge.company.com/terms.page\" ^
    }  ^
  ) ^
  { remoteId } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  setLoginBridge( input:
    { name: \"my-bridge\",
      description: \"My Login Bridge\",
      issuer: \"toll-taker\",
      remoteId: \"over-there-123\",
      loginUrl: \"https://bridge.company.com\",
      relayStateUrl: \"https://state.company.com\",
      samlEntityId: \"abc123\",
      privateSamlCertificate: \"something\",
      publicSamlCertificate: \"something\",
      allowedUsers: [\"bob\", \"ted\"],
      groupAttribute: \"something\",
      groups: [\"sales\",\"managers\"],
      organizationIdAttributeName: \"something\",
      generateUserName: false,
      termsDescription: \"Terms of Login\",
      termsLink: \"https://bridge.company.com/terms.page\"
    } 
  )
  { remoteId }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  setLoginBridge( input:
    { name: \"my-bridge\",
      description: \"My Login Bridge\",
      issuer: \"toll-taker\",
      remoteId: \"over-there-123\",
      loginUrl: \"https://bridge.company.com\",
      relayStateUrl: \"https://state.company.com\",
      samlEntityId: \"abc123\",
      privateSamlCertificate: \"something\",
      publicSamlCertificate: \"something\",
      allowedUsers: [\"bob\", \"ted\"],
      groupAttribute: \"something\",
      groups: [\"sales\",\"managers\"],
      organizationIdAttributeName: \"something\",
      generateUserName: false,
      termsDescription: \"Terms of Login\",
      termsLink: \"https://bridge.company.com/terms.page\"
    } 
  )
  { remoteId }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  setLoginBridge( input:
    { name: \"my-bridge\",
      description: \"My Login Bridge\",
      issuer: \"toll-taker\",
      remoteId: \"over-there-123\",
      loginUrl: \"https://bridge.company.com\",
      relayStateUrl: \"https://state.company.com\",
      samlEntityId: \"abc123\",
      privateSamlCertificate: \"something\",
      publicSamlCertificate: \"something\",
      allowedUsers: [\"bob\", \"ted\"],
      groupAttribute: \"something\",
      groups: [\"sales\",\"managers\"],
      organizationIdAttributeName: \"something\",
      generateUserName: false,
      termsDescription: \"Terms of Login\",
      termsLink: \"https://bridge.company.com/terms.page\"
    } 
  )
  { remoteId }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  setLoginBridge( input:
    { name: \"my-bridge\",
      description: \"My Login Bridge\",
      issuer: \"toll-taker\",
      remoteId: \"over-there-123\",
      loginUrl: \"https://bridge.company.com\",
      relayStateUrl: \"https://state.company.com\",
      samlEntityId: \"abc123\",
      privateSamlCertificate: \"something\",
      publicSamlCertificate: \"something\",
      allowedUsers: [\"bob\", \"ted\"],
      groupAttribute: \"something\",
      groups: [\"sales\",\"managers\"],
      organizationIdAttributeName: \"something\",
      generateUserName: false,
      termsDescription: \"Terms of Login\",
      termsLink: \"https://bridge.company.com/terms.page\"
    } 
  )
  { remoteId }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "setLoginBridge": {
      "remoteId": "over-there-123",
      }
    }
  }
}

Input Parameters

For the input, you'll have to give the login bridge information, such as the login URL, the SAML identity and other SAML information. These parameters and others are described in the table below:

Table: LoginBridgeInput Input Datatype

ParameterTypeRequiredDefaultStabilityDescription
Some input parameters may be required, as indicated in the Required column. For return values, this indicates that you are assured a value if the field is requested for the results.
Table last updated: Sep 19, 2024
additionalAttributesstring  Long-TermAny additional attributes.
allowedUsers[string]yes Long-TermA list of users allowed to access the bridge.
descriptionstringyes Long-TermA description of the login bridge to update.
generateUserNamebooleanyes Long-TermWhether to generate user names.
groupAttributestringyes Long-TermThe group attributes.
groups[string]yes Long-TermAny groups associated with the login bridge.
issuerstringyes Long-TermThe issuer to update.
loginUrlstringyes Long-TermThe URL of the login bridge.
namestringyes Long-TermThe name of the login bridge to update.
organizationIdAttributeNamestringyes Long-TermThe organization's unique identifier of the attribute name.
organizationNameAttributestring  Long-TermThe organization's name of the attribute.
privateSamlCertificatestringyes Long-TermThe private SAML certificate.
publicSamlCertificatestringyes Long-TermThe public SAML certificate.
relayStateUrlstringyes Long-TermThe relay state URL.
remoteIdstringyes Long-TermThe remote unique identifier of the login bridge.
samlEntityIdstringyes Long-TermThe unique identifier of the SAML entity.
termsDescriptionstringyes Long-TermA description of the terms.
termsLinkstringyes Long-TermA link to the terms and conditions.

Returned Values

For the results, you can get the login URL, the response from SAML, and the relay state. These are described in the table here:

Table: LoginBridge Datatype

ParameterTypeRequiredDefaultStabilityDescription
Some input parameters may be required, as indicated in the Required column. For return values, this indicates that you are assured a value if the field is requested for the results.
Table last updated: Sep 26, 2024
additionalAttributesstring  Long-TermAny additional attributes.
allowedUsers[User]yes Long-TermA list of users allowed to access the bridge. See User.
anyUserAlreadyLoggedInViaLoginBridgebooleanyes Long-TermTrue if any user in this organization has logged in to CrowdStream via LogScale. Requires manage organizations permissions. Whether to generate user names.
descriptionstringyes Long-TermA description of the login bridge.
generateUserNamebooleanyes Long-TermWhether to generate user names.
groupAttributestringyes Long-TermAny group attributes.
groups[string]yes Long-TermAny groups associated with the login bridge.
issuerstringyes Long-TermThe issuer of the login bridge.
loginUrlstringyes Long-TermThe URL for logging in.
namestringyes Long-TermThe name of the login bridge.
organizationIdAttributeNamestringyes Long-TermThe organization's unique identifier of the attribute name.
organizationNameAttributeNamestring  Long-TermThe organization's name of the attribute name.
publicSamlCertificatestringyes Long-TermThe public SAML certificate.
relayStateUUrlstringyes Long-TermThe relay state URL.
remoteIdstringyes Long-TermThe unique identifier of the remote connection.
samlEntityIdstringyes Long-TermThe unique identifier of the SAML entity.
showTermsAndConditionsbooleanyes Long-TermWhether to show the terms and conditions.
termsDescriptionstringyes Long-TermA description of the terms.
termsLinkstringyes Long-TermA link to the terms and conditions.