Avnology ID
API ReferenceSAML (IdP)

SAML (IdP mode)

Configure Avnology as a SAML 2.0 Identity Provider for downstream service providers.

SAML (Identity Provider mode)

When you want external apps (Atlassian, Zendesk, Slack, a customer app) to authenticate your users via SAML, Avnology plays the IdP role. The SamlService manages:

  • Your tenant's IdP configuration (signing key, issuer URL, metadata).
  • The registered service providers (ACS URLs, entity IDs, signature requirements).
  • Per-SP attribute mappings that translate Avnology identity fields into SAML attributes.
  • Certificate rotation.
  • Test endpoints that generate a sample SAML assertion without an end-user flow.

Not to be confused with SSO connections -- those are for the reverse flow, where Avnology consumes an external SAML IdP.

Base URL: https://<Domain id="api"/>

Authentication: Bearer API key with saml_idp:write scope for mutations, :read for reads.

Sub-sections

AreaWhat it covers
IdP ConfigurationGlobal IdP settings, metadata download
Service ProvidersCRUD for downstream SPs
Attribute MappingsPer-SP claim-to-attribute translation
CertificatesGenerate / activate / revoke signing certs
Assertion TestingValidate or generate an assertion out of band

SCIM Configuration

Configure SCIM 2.0 directory sync.

IdP Configuration

Read and update your SAML IdP global configuration; download the IdP metadata XML.

On this page

SAML (Identity Provider mode)Sub-sectionsRelated components