Harness

Authentication Settings

This contains APIs related to Authentication settings as defined in Harness

Return configured Ldap settings for the account

Returns configured Ldap settings and its details for the account.

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Responses
400

Bad Request

500

Internal server error

default

Returns ldap setting

get/ng/api/authentication-settings/ldap/settings
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Updates Ldap setting
Updates configured Ldap settings along with the user, group queries.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: */*
required
This is the updated LdapSettings. Values for all fields is needed, not just the fields you are updating


required
object (LdapConnectionSettings) 
This is the LDAP connection setting.


 
identifier
required
string
This is the LDAP setting identifier.


 
Array of objects (LdapUserSettings) 
This is the user settings list in LDAP setting.


 
Array of objects (LdapGroupSettings) 
This is the group settings list in LDAP setting.


 
displayName
required
string
This is the LDAP setting display name.


 
cronExpression
string
This is the cron expression in LDAP Settings.


 
nextIterations
Array of integers <int64> 
This is the list of iterations for next LDAP sync job.


 
disabled
boolean
This tells if LDAP Settings is disabled or not, LDAP sync won't happen in disabled state.


 
settingsType
string
 Enum: "USER_PASSWORD" "SAML" "LDAP" "OAUTH"  
Responses 
400
Bad Request


500
Internal server error


default
Updated Ldap settings along with the user, group settings


put/ng/api/authentication-settings/ldap/settings
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Create Ldap setting
Creates Ldap settings along with the user, group queries.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: */*
required
Create LdapSettings request body. Values for connection settings are needed, user and group settings can also be provided


required
object (LdapConnectionSettings) 
This is the LDAP connection setting.


 
identifier
required
string
This is the LDAP setting identifier.


 
Array of objects (LdapUserSettings) 
This is the user settings list in LDAP setting.


 
Array of objects (LdapGroupSettings) 
This is the group settings list in LDAP setting.


 
displayName
required
string
This is the LDAP setting display name.


 
cronExpression
string
This is the cron expression in LDAP Settings.


 
nextIterations
Array of integers <int64> 
This is the list of iterations for next LDAP sync job.


 
disabled
boolean
This tells if LDAP Settings is disabled or not, LDAP sync won't happen in disabled state.


 
settingsType
string
 Enum: "USER_PASSWORD" "SAML" "LDAP" "OAUTH"  
Responses 
400
Bad Request


500
Internal server error


default
Creates Ldap settings along with the user, group queries


post/ng/api/authentication-settings/ldap/settings
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Delete Ldap settings
Delete configured Ldap settings on this account.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully deleted Ldap settings configured on account


delete/ng/api/authentication-settings/ldap/settings
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Delete SAML meta data
Deletes SAML metadata for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully deleted SAML meta associated with a SAML setting


delete/ng/api/authentication-settings/delete-saml-metadata
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Delete SAML meta data for given SAML sso id
Deletes SAML metadata for the given Account and SAML sso id


Securityx-api-key 
Request 
path Parameters
samlSSOId
required
string
Saml Settings Identifier


 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully deleted SAML meta associated with a SAML SSO setting id


delete/ng/api/authentication-settings/saml-metadata/{samlSSOId}/delete
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Update authentication enabled or not for given SAML setting
Updates if authentication is enabled or not for given SAML setting in Account ID.


Securityx-api-key 
Request 
path Parameters
samlSSOId
required
string
Saml Settings Identifier


 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
enable
required
boolean
 Default:  true
 
Responses 
400
Bad Request


500
Internal server error


default
Successfully updated login allowed status for SAML setting in account


put/ng/api/authentication-settings/saml-metadata-upload/{samlSSOId}/authentication
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Gets authentication settings for the given Account ID
Gets authentication settings for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully returns authentication settings of an Account


get/ng/api/authentication-settings
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Gets authentication settings version 2 for the given Account ID
Gets authentication settings version 2 for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully returns authentication settings of an Account


get/ng/api/authentication-settings/v2
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Get password strength
Gets password strength for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Returns password strength of an Account


get/ng/api/authentication-settings/login-settings/password-strength
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Test SAML connectivity
Tests SAML connectivity for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountId
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Returns connectivity status


get/ng/api/authentication-settings/saml-login-test
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Test SAML connectivity
Tests SAML connectivity for the given Account ID and SAML setting.


Securityx-api-key 
Request 
path Parameters
samlSSOId
required
string
Saml Settings Identifier


 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Returns connectivity status


get/ng/api/authentication-settings/saml-login-test/{samlSSOId}
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Delete OAuth Setting
Deletes OAuth settings for a given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully removed OAuth settings configured to an account.


delete/ng/api/authentication-settings/oauth/remove-mechanism
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Enable/disable public access at account level
Enable/disable public access for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: application/json
required
Information about the session timeout for all users of this account in minutes.


boolean
 
Responses 
400
Bad Request


500
Internal server error


default
Successfully configured public access for an account


put/ng/api/authentication-settings/public-access
Request samples 
application/json
true
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Set session timeout at account level
Sets session timeout of all users for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: application/json
required
Information about the session timeout for all users of this account in minutes.


sessionTimeOutInMinutes
required
integer <int32>   [ 30 .. 4320 ] 
Any user of this account will be logged out if there is no activity for this number of minutes


 
absoluteSessionTimeOutInMinutes
integer <int32>   <= 4320 
Any user of this account will be logged out after this number of minutes


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully configured session timeout for an account


put/ng/api/authentication-settings/session-timeout-account-level
Request samples 
application/json
{
  • "sessionTimeOutInMinutes": 30,
  • "absoluteSessionTimeOutInMinutes": 4320
}
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Set two factor authorization
Sets Two-Factor authorization for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: */*
required
Boolean that specify whether or not to override two factor enabled setting


adminOverrideTwoFactorEnabled
boolean
This value is true if Admin Override for Two Factor Authentication is enabled. Otherwise, it is false.


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully configured two factor authorization for an account


put/ng/api/authentication-settings/two-factor-admin-override-settings
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Update Auth mechanism
Updates the authentication mechanism for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
authenticationMechanism
string
Type of Authentication Mechanism SSO or NON_SSO


 Enum: "USER_PASSWORD" "SAML" "LDAP" "OAUTH"  
Responses 
400
Bad Request


500
Internal server error


default
Successfully updated Auth mechanism for an account.


put/ng/api/authentication-settings/update-auth-mechanism
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Update Oauth providers
Updates OAuth providers for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: */*
required
This is the updated OAuthSettings. Please provide values for all fields, not just the fields you are updating


filter
string
Filter out the available OAuth providers.


 
allowedProviders
Array of strings  unique 
This is the list of OAuth Providers that are supported.


Items Enum: "AZURE" "BITBUCKET" "GITHUB" "GITLAB" "GOOGLE" "LINKEDIN"  
settingsType
string
 Enum: "USER_PASSWORD" "SAML" "LDAP" "OAUTH"  
Responses 
400
Bad Request


500
Internal server error


default
Successfully updated the Oauth providers for the account


put/ng/api/authentication-settings/oauth/update-providers
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Update SAML metadata
Updates SAML metadata of the SAML configuration configured for an account


Securityx-api-key 
Request 
query Parameters
accountId
required
string
Account Identifier for the Entity.


 
Request Body schema: multipart/form-data
file
object
SAML Metadata input file


 
object (FormDataContentDisposition) 
 
displayName
string
Display Name of the SAML


 
groupMembershipAttr
string
Group membership attribute


 
authorizationEnabled
boolean
Specify whether or not to enable authorization


 
logoutUrl
string
Logout URL


 
entityIdentifier
string
SAML metadata Identifier


 
samlProviderType
string
SAML provider type


 
clientId
string
Optional SAML clientId for Azure SSO


 
clientSecret
string
Optional SAML clientSecret reference string for Azure SSO


 
jitEnabled
boolean
 Default:  false
Enable Just in time user provision


 
jitValidationKey
string
Optional Key to match in SAML assertion for Just in time user provision


 
jitValidationValue
string
Optional Value to match in SAML assertion for Just in time user provision


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully updated SAML metadata of SAML setting configured for an account


put/ng/api/authentication-settings/saml-metadata-upload
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Upload SAML metadata
Updates the SAML metadata for the given Account ID.


Securityx-api-key 
Request 
query Parameters
accountId
required
string
Account Identifier for the Entity.


 
Request Body schema: multipart/form-data
file
object
Saml Metadata input file


 
object (FormDataContentDisposition) 
 
displayName
string
Display Name of the SAML


 
groupMembershipAttr
string
Group membership attribute


 
authorizationEnabled
boolean
Specify whether or not to enable authorization


 
logoutUrl
string
Logout URL


 
entityIdentifier
string
SAML metadata Identifier


 
samlProviderType
string
SAML provider type


 
clientId
string
Optional SAML clientId for Azure SSO


 
clientSecret
string
Optional SAML clientSecret reference string for Azure SSO


 
friendlySamlName
string
Friendly name of the app on SAML SSO provider end in Harness


 
jitEnabled
boolean
 Default:  false
Enable Just in time user provision


 
jitValidationKey
string
Optional Key to match in SAML assertion for Just in time user provision


 
jitValidationValue
string
Optional Value to match in SAML assertion for Just in time user provision


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully uploads SAML metadata to the SAML setting configured for an account


post/ng/api/authentication-settings/saml-metadata-upload
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Update SAML metadata for a given SAML SSO Id
Updates SAML metadata of the SAML configuration with given SSO Id, configured for an account


Securityx-api-key 
Request 
path Parameters
samlSSOId
required
string
Saml Settings Identifier


 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: multipart/form-data
file
object
SAML Metadata input file


 
object (FormDataContentDisposition) 
 
displayName
string
Display Name of the SAML


 
groupMembershipAttr
string
Group membership attribute


 
authorizationEnabled
boolean
Specify whether or not to enable authorization


 
logoutUrl
string
Logout URL


 
entityIdentifier
string
SAML metadata Identifier


 
samlProviderType
string
SAML provider type


 
clientId
string
Optional SAML clientId for Azure SSO


 
clientSecret
string
Optional SAML clientSecret reference string for Azure SSO


 
friendlySamlName
string
Friendly name of the app on SAML SSO provider end in Harness


 
jitEnabled
boolean
 Default:  false
Enable Just in time user provision


 
jitValidationKey
string
Optional Key to match in SAML assertion for Just in time user provision


 
jitValidationValue
string
Optional Value to match in SAML assertion for Just in time user provision


 
Responses 
400
Bad Request


500
Internal server error


default
Successfully updated SAML metadata of SAML setting configured for an account


put/ng/api/authentication-settings/saml-metadata-upload/{samlSSOId}
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Updates the whitelisted domains
Updates whitelisted domains configured for an account.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: */*
Set of whitelisted domains and IPs for the account


 Array 
string
 
Responses 
400
Bad Request


500
Internal server error


default
Successfully updated whitelisted domains configured with an account


put/ng/api/authentication-settings/whitelisted-domains
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
➔ Next to Permissions