List of REST APIs available to configure SSO on Confluence DC
プラットフォームについて: Data Center のみ - この記事は、Data Center プラットフォームのアトラシアン製品にのみ適用されます。
要約
Confluence Data Center is bundled with the SSO for Atlassian Server and Data Center App (Atlassian SSO App), with which administrators can configure SSO authentication using SAML 2.0 or OIDC with the preferred Identity Provider (IdP) supporting these standards.
Check SAML single sign-on for Atlassian Data Center applications for further details about the Atlassian SSO App.
This App has some private REST APIs to allow checking and editing its configuration. This document highlights these APIs and provide examples of usage.
Being private APIs mean they may change without necessarily following the Atlassian REST API policy.
環境
Confluence Data Center 7.13.0
- Although this document references Confluence, it may be used by administrators of Jira and Bitbucket when configuring SSO.
SSO for Atlassian Server and Data Center 4.2.5
- These methods were made available since App version 4.2.0.
ソリューション
GET /rest/authconfig/1.0/login-options
Show all enabled authentication options.
例
CONFLUENCE_PAT='My+PAT'
CONFLUENCE_BASE_URL=https://confluence.pawtucketbrewery.com
curl -s -X GET \
-H "Authorization: Bearer ${CONFLUENCE_PAT}" \
-H 'Accept: application/json' \
${CONFLUENCE_BASE_URL}'/rest/authconfig/1.0/login-options'
GET /rest/authconfig/1.0/idps
Get detailed configuration from all IdPs.
例
CONFLUENCE_PAT='My+PAT'
CONFLUENCE_BASE_URL=https://confluence.pawtucketbrewery.com
curl -s -X GET \
-H "Authorization: Bearer ${CONFLUENCE_PAT}" \
-H 'Accept: application/json' \
${CONFLUENCE_BASE_URL}'/rest/authconfig/1.0/idps'
POST /rest/authconfig/1.0/idps
Create a new configuration for an IdP.
例
CONFLUENCE_PAT='My+PAT'
CONFLUENCE_BASE_URL=https://confluence.pawtucketbrewery.com
curl -s -X POST \
-H "Authorization: Bearer ${CONFLUENCE_PAT}" \
-H 'content-type: application/json' \
-H 'Accept: application/json' \
${CONFLUENCE_BASE_URL}'/rest/authconfig/1.0/idps' \
-d '{
"name": "New SAML SSO",
"enabled": true,
"certificate": "(...)",
"sso-type": "SAML",
"enable-remember-me": true,
"button-text": "Log in with the new IdP",
"idp-type": "GENERIC",
"sso-url": "https://new.idp.com/12062019/sso/saml",
"sso-issuer": "https://new.idp.com/12062019",
"username-attribute": "${NameID}",
"jit-configuration": {
"user-provisioning-enabled": false
}
}'
GET /rest/authconfig/1.0/idps/{id}
Get the configuration of an IdP.
例
CONFLUENCE_PAT='My+PAT'
CONFLUENCE_BASE_URL=https://confluence.pawtucketbrewery.com
CONFLUENCE_SSO_IDP_ID=1
curl -s -X GET \
-H "Authorization: Bearer ${CONFLUENCE_PAT}" \
-H 'Accept: application/json' \
${CONFLUENCE_BASE_URL}'/rest/authconfig/1.0/idps/'${CONFLUENCE_SSO_IDP_ID}
PATCH /rest/authconfig/1.0/idps/{id}
Change one or more attributes in the configuration of an IdP.
例
CONFLUENCE_PAT='My+PAT'
CONFLUENCE_BASE_URL=https://confluence.pawtucketbrewery.com
CONFLUENCE_SSO_IDP_ID=1
curl -s -X PATCH \
-H "Authorization: Bearer ${CONFLUENCE_PAT}" \
-H 'content-type: application/json' \
-H 'Accept: application/json' \
${CONFLUENCE_BASE_URL}'/rest/authconfig/1.0/idps/'${CONFLUENCE_SSO_IDP_ID} \
-d '{
"enable-remember-me": false,
"button-text": "Log in with patched IdP"
}'
DELETE /rest/authconfig/1.0/idps/{id}
Delete one or more attributes in the configuration of an IdP.
例
CONFLUENCE_PAT='My+PAT'
CONFLUENCE_BASE_URL=https://confluence.pawtucketbrewery.com
CONFLUENCE_SSO_IDP_ID=1
curl -s -X DELETE \
-H "Authorization: Bearer ${CONFLUENCE_PAT}" \
${CONFLUENCE_BASE_URL}'/rest/authconfig/1.0/idps/'${CONFLUENCE_SSO_IDP_ID}
参考情報
- SSO for Atlassian Server and Data Center
- Atlassian Data Center および Server アプリ向け SSO
- Atlassian REST API policy
- Atlassian REST API Browser