Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Example
Code Block
titleTesting the setup
languagetext
https://platform.cloud.coveo.com/rest/search/login/mySAMLAuthenicationProvider?access_token=wmLwtZwHv3LUf5W4G7X22PRjmROfyfOigdi-rnohxyeLw_9OldOGEeK3N-DBZZZydmjA1JWZ...

Assigning

...

More Than One Organization to

...

Your Identity Provider

If you manage more than one Coveo Cloud V2 organization and have implemented SAML authentication for one of them, you might want to associate you your other organization with your SAML authentication provider.

Example

You have a regular Coveo Cloud production and a sandbox organizationorganizations, and want them to have an identical SAML authentication setup for testing purposes.

To associate a second another organization with your SAML authentication provider, first retrieve a list of the available organizations, and then update the target organization with the SAML authentication parameters.

...

titleNote

...

  1. Ensure that the identity you entend to use to perform the following Coveo Cloud V2 API calls is a member of a

...

  1. group hat has View Organization and an Edit SAML identity provider privilege in both organizations (see Edit a Group: [GroupName] - Panel).
  2. Ensure your first the SAML authentication configuration works as expected with your firts Coveo Cloud organization by testing your setup (see Creating a SAML Authentication Provider with the Coveo Search API and Testing the Setup). 
  3. Send a GET request to https://platform.cloud.coveo.com/rest/organizations/{organizationId}/saml/availables where you must replace {organizationId} by the ID of your first Coveo Cloud V2 organization ID.  A (see Getting the organizationId).  
    A successful request returns a Status 200 containing the SAML authentication parameters for the specified organization and, and if you have any, other organizations using the same SAML autentication setup. The response body of your GET request should look like the following example.

    Example
    Code Block
    titleTypical Response Body of a SAML Authentication Provider GET Request
     {
        "displayName": "MySAMLIdP",
        "entityId": "http://www.identityprovider.com/exkabcurm887FmOwOc0h7",
        "id": "xbjfnpsw4fw2yxvb2vmc5n2pty",
    	"postBindingEndpoint": "https://mycompany.identityprovider.com/app/mycompany_identityproviderapp/exkabcurm887FmOwOc0h7/sso/saml",
        "x509Certificate": "MIIDpDCCAoygAwIBAgIGAVZbyf2L..."
        "organizationIds": [
          {
            "displayName": "organization1",
            "id": "organization1"
          }
        ],
      }
  4. Using the GET request response body, fill the body of a PUT request to https://platform.cloud.coveo.com/rest/organizations/{organizationId}/saml/identityprovider where you must you replace {organizationId} by the ID of your first other Coveo Cloud V2 organization ID.  (see Getting the organizationId).
    In the PUT request body, make sure ensure to include the ID for both your first and your second organization. The organization displayName, however, is not required. The body of your PUT request should look like the following example.

    Example
    Code Block
    titleTypical Body of a SAML Authentication Provider PUT Request
    {
      "displayName": "MySAMLIdP",
      "entityId": "http://www.identityprovider.com/exkabcurm887FmOwOc0h7",
      "id": "xbjfnpsw4fw2yxvb2vmc5n2pty",
      "organizationIds": [
        {
              "id": "organization1organizationId1"
        },
     {
               "id": "organization2organizationId2"
        }
      ],
      "postBindingEndpoint": "https://mycompany.identityprovider.com/app/mycompany_identityproviderapp/exkabcurm887FmOwOc0h7/sso/saml",
      "x509Certificate": "MIIDpDCCAoygAwIBAgIGAVZbyf2L..."
    }

    A successful request returns a Status 200 containing the parameters your you entered in the request body . However, and your second organization is updated , and you can now use .

  5. Test the SAML authentication setup in this the updated organization as well.