createSecurityRealm
A Graze API POST request that creates a new SAML security realm from an Identity Provider (IdP) URL. The request also adds the realm configuration you provide.
Warning
Warn any users who are logged into Moogsoft Onprem using the default realm before using this request. Moogsoft Onprem may log out users when the new realm becomes active.
Request arguments
Endpoint createSecurityRealm takes the following request arguments:
Name | Type | Required | Description |
---|---|---|---|
| String | Yes | A valid |
name | String | Yes | Name of the security realm. |
type | String | Yes | Security realm type. This must be |
active | Boolean | Yes | Determines whether the new realm is active in Moogsoft Onprem on creation. You can create an inactive realm for testing purposes. For example, you can verify if a security realm with that name already exists or if it fails. |
configuration | JSON Object | Yes | JSON object containing the realm configuration. For information on the configuration properties, see Security Configuration Reference. Upload your IdP metadata file using idpMetadata or specify the location of the file using idpMetadataUrl. For example:
|
Response
Endpoint createSecurityRealm returns the following response:
Examples
The following examples demonstrate typical use of endpoint createSecurityRealm:
Request example
Example cURL request to create a security realm:
curl -X POST -u graze:graze -k -v "https://localhost/graze/v1/createSecurityRealm" -d '{
    "name":"mySamlRealm",
    "type":"SAML2",
    "active":"true",
    "configuration": {
        "idpMetadataUrl":"http://exampleIdP:18080/auth/realms/master/protocol/saml/descriptor",
        "defaultRoles":["Operator"],
        "defaultTeams":["Cloud DevOps"],
        "defaultGroup":"End-User",
        "existingUserMappingField":"username",
        "username":"$username",
        "email":"$email",
        "fullname":"$firstname $lastname",
        "maximumAuthenticationLifetime":60
    }
}'
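The request above skips certificate verification (-k), fetches the IdP metadata over plain HTTP and activates the realm immediately. The following pre-flight check is an added example, not Moogsoft code: it lints a createSecurityRealm body for those three settings before anything is sent. The helper names (lint_realm, build_request, send), the hardened values and the idp.example.com URL are assumptions made for illustration.

```python
import base64
import json
import ssl
import urllib.request
from urllib.parse import urlparse

# Keys as they appear in the page's request example; nothing else about the API is assumed.
REQUIRED = ("name", "type", "active", "configuration")

def lint_realm(payload, user, password):
    """Return findings for a createSecurityRealm body and the credentials used to send it."""
    findings = [f"missing argument: {k}" for k in REQUIRED if k not in payload]
    cfg = payload.get("configuration") or {}
    url = cfg.get("idpMetadataUrl")
    if url is None and "idpMetadata" not in cfg:
        findings.append("configuration has neither idpMetadata nor idpMetadataUrl")
    if url is not None and urlparse(url).scheme != "https":
        findings.append("idpMetadataUrl is not https; IdP signing certificates can be swapped in transit")
    if str(payload.get("active")).lower() == "true":
        findings.append("realm is active on creation; users on the default realm may be logged out")
    if (user, password) == ("graze", "graze"):
        findings.append("credentials are the ones printed in the documentation example")
    return findings

def build_request(base_url, user, password, payload):
    """Build the POST without sending it (hypothetical helper, mirrors the curl call)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return urllib.request.Request(
        f"{base_url}/graze/v1/createSecurityRealm",
        data=json.dumps(payload).encode(),
        headers={"Authorization": f"Basic {token}"},
        method="POST",
    )

def send(request):
    """Send with certificate verification on (the default context), unlike curl -k."""
    with urllib.request.urlopen(request, context=ssl.create_default_context()) as resp:
        return resp.status, resp.read().decode()

# Constructed sample: a shortened copy of the page's example body.
PAGE_EXAMPLE = {"name": "mySamlRealm", "type": "SAML2", "active": "true", "configuration": {
    "idpMetadataUrl": "http://exampleIdP:18080/auth/realms/master/protocol/saml/descriptor",
    "defaultRoles": ["Operator"]}}
# Constructed hardened variant: inactive for testing, metadata fetched over https.
HARDENED = {**PAGE_EXAMPLE, "active": False, "configuration": {
    **PAGE_EXAMPLE["configuration"], "idpMetadataUrl": "https://idp.example.com/saml/descriptor"}}

if __name__ == "__main__":
    for finding in lint_realm(PAGE_EXAMPLE, "graze", "graze"):
        print("finding:", finding)
```

Call send(build_request(...)) only once lint_realm returns an empty list; creating the realm inactive first matches the testing workflow described in the active argument.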