This command configures a new Identity Provider (IDP) or modifies an existing one.
Usage
vms saml_modify --idp-name IDP_NAME
[--idp-entityid ENTITY_ID]
[--encrypt-assertion]
[--disable-encrypt-assertion]
[--want-assertions-or-response-signed]
[--force-authn]
[--disable-force-authn]
[--local-idp-metadata]
[--idp-metadata-url METADATA_URL]
[--remove-idp-metadata local|remote]
Required Parameters
| --idp-name IDP_NAME | Specifies the name of the new IDP configuration, or the name of a previously configured IDP to modify. This name is used later in the SSO login URL for the SP (VMS). |
Options
| --idp-entityid ENTITY_ID | The unique identifier of the IDP entity. |
| --encrypt-assertion | This option is required if the IDP encrypts the assertion. If this option is used, you are prompted for the certificate and key. |
| --disable-encrypt-assertion | This option removes the certificate used in |
| --want-assertions-or-response-signed | If this option is used, the SP (VMS) accepts only a signed response or signed assertion from the IDP. VMS fails the user authentication if an unsigned response is received. If this option is used, a certificate and key must be provided after executing the command. |
| --force-authn | Forces authentication with the IDP even if there is an active session with the IDP for the user. |
| --disable-force-authn | Disable the |
| --local-idp-metadata | Use local metadata. If used, you are prompted for the metadata (must be in XML file format). |
| --idp-metadata-url METADATA_URL | Use metadata located at METADATA_URL. The URL is typically in the format: |
| --remove-idp-metadata local\|remote | Removes either the local or the remote IDP metadata file. Specify which file to remove, local or remote. For example: vms saml_modify --idp-name IDP_NAME --remove-idp-metadata local |
Example
vcli: admin> vms saml_modify --idp-name Okta