Security provider - Import/export

App Builder supports both importing and exporting security provider configurations.

Import

To import a security provider, start by signing into App Builder as an Administrator:

1. Switch to the IDE
2. Click the Security Providers button
3. In the Configuration panel, expand the More menu and click Import Provider
4. Provide the serialized security provider. See Format below.
5. Click the Import button
6. Click the View button to view and modify the security provider

App Builder will assign a unique identifier to the security provider on import. The new security provider will be disabled by default and will not appear on the login form.

Export

To export a security provider, start by signing into App Builder as an administrator:

1. Switch to the IDE
2. Click the Security Providers button
3. Locate the security provider and click the Details icon (chevron)
4. Expand the More menu and click Export Provider

This will display the serialized security provider configuration.

Format

The security provider configuration format takes the form of a JSON document. The root element is an object of type Provider.

Example

```json
{
  "name": "MyIdP",
  "type": "saml_sp",
  "audience": "https://example/App Builder",
  "recipient": "https://example/App Builder/signin-MyIdP",
  "settings": {},
  "groups": [],
  "claimTypes": [],
  "endpoints": [
    {
      "type": "metadata",
      "url": "https://example/saml/metadata"
    }
  ],
  "credentials": [],
  "certificates": []
}
```

Types

Provider

| Name | Type | Description |
| --- | --- | --- |
| name | String | Security provider name. |
| type | ProviderType | Security provider type. |
| authenticationType | AuthenticationType | Authentication type. |
| oauthGrantType | OAuthGrantType | OAuth grant type. |
| oauthClientAuthenticationType | OAuthClientAuthenticationType | OAuth client authentication type. |
| oauthResourceAuthenticationType | OAuthResourceAuthenticationType | OAuth resource authentication types. |
| tokenOwner | TokenOwner | Token owner. |
| subject | String | Token subject. |
| issuer | String | Token issuer. |
| audience | String | Token audience. |
| recipient | String | Token Recipient. |
| entityId | String | Token entity identifier. |
| identityProviderUrl | String | Identity Provider (IdP) URL. |
| endpoints | Endpoint[] | Array of endpoints. |
| credentials | Credential[] | Array of credentials. |
| certificates | Certificate[] | Array of certificates and keys. |
| settings | Object | Collection of key/value pairs where each key corresponds to a well-known parameter name. See the specific security provider's documentation for a list of supported parameters. |
| claimTypes | ClaimType[] | Array of claim types. |
| groups | Group[] | Array of security groups. |
| registration | Registration | Security provider registration. |

Endpoint

| Name | Type | Description |
| --- | --- | --- |
| type | EndpointType | Endpoint type. |
| url | String | Endpoint URL. |

Credential

| Name | Type | Description |
| --- | --- | --- |
| type | CredentialType | Credential type. |
| userName | String | User name. |
| password | String | Plain-text password. |

Certificate

| Name | Type | Description |
| --- | --- | --- |
| usage | CertificateUsage | Certificate usage. |
| type | CertificateType | Certificate type. |
| format | CertificateFormat | Certificate format. |
| content | String | Encoded certificate or key. |
| password | String | Plain-text password. |
| thumbprint* | String | Certificate thumbprint. |

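
The Credential and Certificate types define `password` as plain text and allow `content` to hold a key, so a serialized provider may contain secrets. The following Python is an added example, not App Builder code: it redacts those fields before the JSON is shared or stored outside App Builder. The function name `redact_provider`, the `<redacted>` marker and the sample document are assumptions made for this example, and it does not inspect `settings`.

```python
import json

# Certificate "type" values (from the CertificateType table) whose "content"
# holds private key material.
PRIVATE_KEY_TYPES = {"rsa_private_key", "x509_private_key"}
REDACTED = "<redacted>"  # marker chosen for this example


def redact_provider(serialized):
    """Return (redacted_json, findings) for a serialized Provider document."""
    provider = json.loads(serialized)
    findings = []

    def scrub(entry, key, path):
        # Only a non-empty string counts as a stored secret.
        if isinstance(entry, dict) and isinstance(entry.get(key), str) and entry[key]:
            entry[key] = REDACTED
            findings.append(path)

    for i, cred in enumerate(provider.get("credentials") or []):
        scrub(cred, "password", f"credentials[{i}].password")
    for i, cert in enumerate(provider.get("certificates") or []):
        scrub(cert, "password", f"certificates[{i}].password")
        if isinstance(cert, dict) and cert.get("type") in PRIVATE_KEY_TYPES:
            scrub(cert, "content", f"certificates[{i}].content")
    return json.dumps(provider, indent=2), findings


# Constructed sample export; every value below is made up for the example.
SAMPLE_EXPORT = json.dumps({
    "name": "MyIdP",
    "type": "oauth2",
    "credentials": [
        {"type": "client", "userName": "my-client-id", "password": "s3cret"},
    ],
    "certificates": [
        {"usage": "signing", "type": "x509_private_key", "format": "pkcs12",
         "content": "constructed-base64-pfx", "password": "pfx-pass"},
        {"usage": "signature_validation", "type": "x509", "format": "pem",
         "content": "constructed-public-certificate"},
    ],
})

if __name__ == "__main__":
    redacted, found = redact_provider(SAMPLE_EXPORT)
    print("Redacted fields:", ", ".join(found))
    print(redacted)
```

Public certificates (`x509`, `rsa_public_key`) are left intact so the redacted document still shows which signing material the provider trusts.
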

ClaimType

| Name | Type | Description |
| --- | --- | --- |
| identitier | String | Claim type identifier, typically a URL or JSON key. |
| usage | ClaimTypeUsage | Claim type usage. |
| priority | Number | Claim type priority. |
| ignore | Boolean | Indicates whether the claim type should be ignored. |

Group

| Name | Type | Description |
| --- | --- | --- |
| name | String | Group name. |
| identifier | String | Group identifier. |
| groupId | Unique ID | App Builder security group identifier. |
| grantOnIdentityCreate | Boolean | Indicates whether identities should be added to the group when provisioned. |

Registration

| Name | Type | Description |
| --- | --- | --- |
| enabled | Boolean | Enables the security provider. |
| priority | Number | Security provider ordinal position. |
| sealed | Boolean | Seals the security provider. INTERNAL USE ONLY. |
| redirectOnChallenge | Boolean | Bypasses the login form and redirects the client to the user authentication provider when challenged. |
| showOnLoginForm | Boolean | Displays the user authentication provider on the login form. |
| userProvisioning | Boolean | Enables provisioning for the user authentication provider. |
| matchExistingUser | Boolean | Allows the user provisioning process to map identities to existing users. |
| suppliesGroupMembership | Boolean | Indicates that the user authentication provider maintains security group membership. |
| storeClaims | Boolean | Indicates that App Builder should store any claims received from the user authentication provider. |
| defaultAuthenticationProvider | Boolean | Indicates that App Builder should make the user authentication provider the system's default user authentication provider. |

Values

ProviderType

| Value | Description |
| --- | --- |
| active_directory | Active Directory |
| adobe_pdf_services | Adobe PDF Services |
| api_key | API Key |
| app_auth | Application Authentication |
| google_openid_connect | Google Accounts / OpenID Connect |
| http_basic_auth | HTTP Basic Authentication |
| http_client | HTTP Client |
| iwa_ | Integrated Windows Authentication |
| jwt_sso | JWT SSO |
| local | Local User |
| microsoft_openid_connect | Microsoft / OpenID Connect |
| oauth2 | OAuth 2.0 |
| openid_connect | OpenID Connect 1.0 |
| provisioning | User Provisioning |
| rewrite_url | Rewrite URL |
| salesforce | Salesforce |
| salesforce_openid_connect | Salesforce / OpenID Connect |
| saml_idp | SAML Identity Provider (IdP) |
| saml_sp | SAML Service Provider (SP) |
| sap_odata_services | SAP OData Services |
| successfactors_odata | SuccessFactors OData |
| successfactors_password | SuccessFactors Password |
| wam | Web Access Management |
| ws_federation | WS-Federation |

AuthenticationType

| Value | Description |
| --- | --- |
| anonymous | Anonymous |
| basic | Basic |
| delegated_oauth2 | Delegated OAuth [DEPRECATED] |
| oauth2 | OAuth |

Support varies by security provider.

OAuthGrantType

| Value | Description |
| --- | --- |
| authorization_code | Authorization Code |
| client_credentials | Client Credentials |
| password | Resource Owner Password Credentials |
| refresh_token | Refresh Token |
| urn:ietf:params:oauth:grant-type:jwt-bearer | JWT Bearer Token |
| urn:ietf:params:oauth:grant-type:saml2-bearer | SAML 2.0 Bearer Assertion |

Support varies by security provider.

OAuthClientAuthenticationType

| Value | Description |
| --- | --- |
| none | None |
| client_secret_basic | Basic |
| client_secret_post | Parameter |

Support varies by security provider.

OAuthResourceAuthenticationType

| Value | Description |
| --- | --- |
| bearer | Bearer |
| form_post | Form |
| query | Query |

Support varies by security provider.

TokenOwner

| Value | Description |
| --- | --- |
| client | Client system, i.e. App Builder |
| user | User |

EndpointType

| Value | Description |
| --- | --- |
| acs | Assertion Consumer Service |
| api | API Endpoint |
| authorization | Authorization Endpoint |
| issuer | OpenID Connect Issuer |
| metadata | Metadata Endpoint |
| relay_state | RelayState URI |
| request_redirect | Request Redirect Endpoint |
| sso | Single Sign On Service |
| token | Token Endpoint |
| user_info | User Info Endpoint |

Support varies by security provider.

CredentialType

| Value | Description |
| --- | --- |
| client | OAuth client. |
| directory_reader | Active Directory reader. |
| resource_owner | OAuth resource owner. |

Support varies by security provider.

CertificateUsage

| Value | Description |
| --- | --- |
| client | Client Certificate |
| signature_validation | Signature Validation |
| signing | Signing |

Support varies by security provider.

CertificateType

| Value | Description |
| --- | --- |
| rsa_private_key | RSA Private Key |
| rsa_public_key | Public Key |
| x509 | X.509 Certificate |
| x509_private_key | X.509 Certificate with Private Key |

Support varies by security provider.

CertificateFormat

| Value | Description |
| --- | --- |
| certificate_store | Certificate Store |
| pem | PEM |
| pkcs12 | PKCS#12 (PFX) |

Support varies by security provider.

ClaimTypeUsage

| Value | Description |
| --- | --- |
| displayName | Display name |
| emailAddress | Email address |
| fullName | Full name |
| group | Security group |
| name | Name |
| nameId | Name identifier |
| none | None |
| phoneNumber | Phone number |