AnsweredAssumed Answered

Can the "Require SAML token profile" assertion work with REST calls?

Question asked by kkrauth on Mar 17, 2017
Latest reply on Mar 17, 2017 by Bill_Peterson

I would like to use SAML based identity propagation when with the RESTMan API. The application making the RESTMan call has the correct SAML token with the appropriate identity already available and can pass it via a HTTP header.


My plan was to modify the default RESTMan policy and introduce the "Require SAML Token Profile" assertion to it as an additional authentication method, but to my dismay, I do not see a way to specify where the SAML token processed by this assertion should be fetched from! This leads me to believe that the said assertion can only be used with SOAP calls, possibly using the wsman API instead of RESTMan. I have already built out the integration using RESTMan and would prefer not to switch to wsman.


Is there a way to specify the source of the SAML that should be processed by the said assertion? Any other way that I can process the principal and groups on the SAML token so that the identity on it can later be used by the "Authenticate Against Identity Provider" assertion? Any help would be greatly appreciated! Thanks.