The samlIdentityProvider() GraphQL query will get information on a SAML identity provider.

Syntax

Below is the syntax for the samlIdentityProvider() query field:

graphql
samlIdentityProvider(
      id: string!
   ): SamlIdentityProvider!

Below is an example using this query field:

Raw
graphql
query {
  samlIdentityProvider(id:"1234")
  { id, name, domains, 
    authenticationMethod{authType} }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
  samlIdentityProvider(id:\"1234\")
  { id, name, domains, 
    authenticationMethod{authType} }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
  samlIdentityProvider(id:\"1234\")
  { id, name, domains, 
    authenticationMethod{authType} }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "query { ^
  samlIdentityProvider(id:\"1234\") ^
  { id, name, domains,  ^
    authenticationMethod{authType} } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "query {
  samlIdentityProvider(id:\"1234\")
  { id, name, domains, 
    authenticationMethod{authType} }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $INGEST_TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $json = '{"query" : "query {
  samlIdentityProvider(id:\"1234\")
  { id, name, domains, 
    authenticationMethod{authType} }
}"
}';
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "query {
  samlIdentityProvider(id:\"1234\")
  { id, name, domains, 
    authenticationMethod{authType} }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "query {
  samlIdentityProvider(id:\"1234\")
  { id, name, domains, 
    authenticationMethod{authType} }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Returned Datatype

For SamlIdentityProvider, there are many parameters. They're listed here along with descriptions of each:

Table: SamlIdentityProvider

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Oct 3, 2024
adminAttributestring  This field is for internal use only by LogScale.
adminAttributeMatchstring  This field is for internal use only by LogScale.
alternativeIdpCertificateInBase64string  An alternative IdP certificate using Base64 encoding.
authenticationMethodAuthenticationMethodAuth  The authentication method used. See AuthenticationMethodAuth.
debugbooleanyes Whether debugging is enabled.
defaultIdpbooleanyes Whether the identity service provider is the default.
domains[string]yes The domains of the SAML identity provider.
groupMembershipAttributestring  The saml attribute used to extract groups from when receiving the SamlResponse from the IDP. The groups from the response will be used to synchronize the membership of groups in LogScale. The group name and external provider name of the group are matched in LogScale.
humioManagedbooleanyes Where SAML authentication is managed by LogScale.
idstringyes The unique identifier for the SAML installation.
idpCertificateInBase64stringyes The identity provider's certificated converted to Base64.
idpEntityIdstringyes The unique identifier of the IDP entity.
lazyCreateUsersbooleanyes Whether to wait to create users until necessary.
namestringyes The name of the SAML identity provider.
signOnUrlstringyes The URL of where the sign on page is located.
userAttributestring  This is the saml attribute from which to extract username when receiving the SamlResponse from the IDP. If not specified, the default saml:NameID will be used.