Single Sign-On Configuration API
Number of APIs: 3
If you're an administrator who handles Akamai portal accounts and users, use the Single Sign-On (SSO) Configuration API to manage your IdP (identity provider) certificates.
Authentication
Create an authentication credential that contains the client token and client secret required to authenticate Akamai API requests.
Note: Only Akamai customers can create credentials. If you aren't an Akamai customer and wish to become one, you can sign up for our services.
- Navigate to the Identity and Access Management section of Akamai Control Center and click Create API Client.
Note: If you don't have access to the Identity and Access Management tool, contact your local Akamai Control Center admin or your Akamai account team for assistance.
- Click Quick and then Download in the Credentials section.
Note: If you need to refine access levels or permissions, see Create a client with custom permissions.
- Open the downloaded file with a text editor and add
[default]
as a header above all text.
[default]
client_secret = C113nt53KR3TN6N90yVuAgICxIRwsObLi0E67/N8eRN=
host = akab-h05tnam3wl42son7nktnlnnx-kbob3i3v.luna.akamaiapis.net
access_token = akab-acc35t0k3nodujqunph3w7hzp7-gtm6ij
client_token = akab-c113ntt0k3n4qtari252bfxxbsl-yvsdj
- Fork the [Akamai Authentication] environment, populate the variables, and [set it for your workspace]
Dependencies
Make sure you have the following services configured before using this API:
- To enable this API, go to the API list of your API client in Control Center,
select the API service named Single Sign-On Configuration API, and set the access level to
READ-WRITE
. - You need to have a role with the IDM: Users - Admin Access permission assigned to your account in Control Center.
- The
entityId
identifier for your account's identity provider (IdP) is required for all operations in this API. This value is part of your IdP metadata where the SAML authentication request is sent, and needs to match theIssuer
field sent by your IdP in the SAML request. The SAML Entity ID is an absolute URL, and thus you need to make sure theentityId
value is URL-encoded. Otherwise, the operation fails. This value appears in your SSO configuration as Entity ID. For details on how to access your SSO configuration and IdP metadata, see Get started with SSO with SAML.
Integration methods
You can use this API collection in these integration methods: - API
-
Certificates - Add a certificate POST https://{{host}}/sso-config/v1/idps/:entityId/certificates
-
Certificates - List certificates GET https://{{host}}/sso-config/v1/idps/:entityId/certificates
-
Certificates - Remove a certificate DELETE https://{{host}}/sso-config/v1/idps/:entityId/certificates/:certificateId