This command configures a new Identity Provider (IDP) or modifies an existing one.
Usage
vms saml_modify --idp-name IDP_NAME [--idp-entityid ENTITY_ID] [--encrypt-assertion] [--disable-encrypt-assertion] [--want-assertions-or-response-signed] [--force-authn] [--disable-force-authn] [--local-idp-metadata] [--idp-metadata-url METADATA_URL] [--remove-idp-metadata local|remote]
Required Parameters
| --idp-name IDP_NAME | Specifies the name of the new IDP configuration, or the name of a previously configured IDP to modify. This field is used later for the SSO login URL for the SP (VMS). |
Options
| --idp-entityid ENTITY_ID | The unique identifier of the IDP entity. |
| --encrypt-assertion | This option is required if the IDP encrypts the assertion. If this option is used, you are prompted for the certificate and key. |
| --disable-encrypt-assertion | This option removes the certificate used in |
| --want-assertions-or-response-signed | If this option is used, the SP (VMS) will accept only a signed response or signed assertion from the IDP. VMS will fail the user authentication if an unsigned response is received. If this option is used, a certificate and key must be provided after executing the command. |
| --force-authn | Forces authentication with the IDP even if there is an active session with the IDP for the user. |
| --disable-force-authn | Disable the |
| --local-idp-metadata | Use local metadata. If used, you are prompted for the metadata (must be in XML file format). |
| --idp-metadata-url METADATA_URL | Use metadata located at METADATA_URL. The URL is typically in the format: |
| --remove-idp-metadata local\|remote | This option will remove either the local or remote IDP metadata file. Specify which file to remove, local or remote. For example: vms saml_modify --remove-idp-metadata local |
Example
vcli: admin> vms saml_modify --idp-name Okta