samlOrWsFedExternalDomainFederation resource type
Namespace: microsoft.graph
Allows a Microsoft Entra tenant to federate with an external organization whose identity provider (IdP) supports either the SAML or WS-Fed protocol. This enables the Microsoft Entra tenant to allow guest users to access its resources. For more information on SAML or WS-Fed IdP federation, see Federation with SAML or WS-Fed identity providers for guest users.
Inherits from samlOrWsFedProvider.
Methods
Method | Return type | Description |
---|---|---|
List federated configurations | samlOrWsFedExternalDomainFederation collection | Get a list of the samlOrWsFedExternalDomainFederation objects and their properties. |
Create federated configuration | samlOrWsFedExternalDomainFederation | Create a new samlOrWsFedExternalDomainFederation object. |
Get federated configuration | samlOrWsFedExternalDomainFederation | Read the properties and relationships of a samlOrWsFedExternalDomainFederation object. |
Update federated configuration | samlOrWsFedExternalDomainFederation | Update the properties of a samlOrWsFedExternalDomainFederation object. |
Delete federated configuration | None | Deletes a samlOrWsFedExternalDomainFederation object. |
List domains | externalDomainName collection | Get the externalDomainName resources from the domains navigation property. |
Create externalDomainName | externalDomainName | Create a new externalDomainName object. |
Properties
Property | Type | Description |
---|---|---|
displayName | String | The display name of the SAML or WS-Fed based IdP. Inherited from identityProviderBase. |
id | String | The identifier of the identity provider. Inherited from entity. |
issuerUri | String | Issuer URI of the federation server. Inherited from samlOrWsFedProvider. |
metadataExchangeUri | String | URI of the metadata exchange endpoint used for authentication from rich client applications. Inherited from samlOrWsFedProvider. |
passiveSignInUri | String | URI that web-based clients are directed to when signing in to Microsoft Entra services. Inherited from samlOrWsFedProvider. |
preferredAuthenticationProtocol | authenticationProtocol | Preferred authentication protocol. The possible values are: wsFed , saml , unknownFutureValue . Inherited from samlOrWsFedProvider. |
signingCertificate | String | Current certificate used to sign tokens passed to the Microsoft identity platform. The certificate is formatted as a Base64 encoded string of the public portion of the federated IdP's token signing certificate and must be compatible with the X509Certificate2 class. This property is used in the following scenarios:
Microsoft Entra ID updates certificates via an autorollover process in which it attempts to retrieve a new certificate from the federation service metadata, 30 days before expiry of the current certificate. If a new certificate isn't available, Microsoft Entra ID monitors the metadata daily and will update the federation settings for the domain when a new certificate is available. Inherited from samlOrWsFedProvider. |
Relationships
Relationship | Type | Description |
---|---|---|
domains | externalDomainName collection | Collection of domain names of the external organizations that the tenant is federating with. Supports $filter (eq ). |
JSON representation
The following is a JSON representation of the resource.
{
"@odata.type": "#microsoft.graph.samlOrWsFedExternalDomainFederation",
"id": "String (identifier)",
"displayName": "String",
"issuerUri": "String",
"metadataExchangeUri": "String",
"signingCertificate": "String",
"passiveSignInUri": "String",
"preferredAuthenticationProtocol": "String"
}
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for