The updateSamlIdentityProvider() GraphQL mutation is used to update the SAML identity provider in LogScale.

For more information on SAML, see the Configuration & Authentication with SAML documentation page. You may also want to look at Authentication & Identity Providers for related information.


Below is the syntax for the updateSamlIdentityProvider() mutation field:

   id: string!
   name: string!
   signOnUrl: string!
   idpCertificateInBase64: string!
   idpEntityId: string!
   domains: [string!]!
   groupMembershipAttribute: string
   userAttribute: string
   enableDebug: boolean = false
   adminAttribute: string
   adminAttributeMatch: string
): SamlIdentityProvider!

Returned Datatypes

The returned datatype SamlIdentityProvider has its own parameters. Below is a list of them along with their datatypes and a description of each:

Table: SamlIdentityProvider

idstringyes The unique identifier for the SAML installation.
namestringyes The name of the SAML identity provider.
domains[string]yes The domains of the SAML identity provider.
groupMembershipAttributestring  The saml attribute used to extract groups from when receiving the SamlResponse from the IDP. The groups from the response will be used to synchronize the membership of groups in LogScale. The group name and external provider name of the group are matched in LogScale.
idpCertificateInBase64stringyes The identity provider's certificated converted to Base64.
idpEntityIdstringyes The unique identifier of the IDP entity.
signOnUrlstringyes The URL of where the sign on page is located.
authenticationMethodAuthenticationMethodAuth  The authentication method used (see AuthenticationMethodAuth Table).
userAttributestring  This is the saml attribute from which to extract username when receiving the


from the IDP. If not specified, the default


will be used.
adminAttributestring  This field is for internal use only by LogScale.
adminAttributeMatchstring  This field is for internal use only by LogScale.
defaultIdpbooleanyes Whether the identity service provider is the default.
humioManagedbooleanyes Where SAML authentication is managed by LogScale.
lazyCreateUsersbooleanyes Whether to wait to create users until necessary.
debugbooleanyes Whether debugging is enabled.

[a] Some arguments may be required, as indicated in this column. For some fields, this column indicates that a result will always be returned for it.