Class SamlInvalidateRequest
java.lang.Object
co.elastic.clients.elasticsearch._types.RequestBase
co.elastic.clients.elasticsearch.security.SamlInvalidateRequest
- All Implemented Interfaces:
JsonpSerializable
@JsonpDeserializable
public class SamlInvalidateRequest
extends RequestBase
implements JsonpSerializable
Invalidate SAML.
Submit a SAML LogoutRequest message to Elasticsearch for consumption.
NOTE: This API is intended for use by custom web applications other than Kibana. If you are using Kibana, refer to the documentation for configuring SAML single-sign-on on the Elastic Stack.
The logout request comes from the SAML IdP during an IdP initiated Single
Logout. The custom web application can use this API to have Elasticsearch
process the LogoutRequest. After successful validation of the
request, Elasticsearch invalidates the access token and refresh token that
corresponds to that specific SAML principal and provides a URL that contains
a SAML LogoutResponse message. Thus the user can be redirected back to their
IdP.
- See Also:
-
Nested Class Summary
Nested ClassesNested classes/interfaces inherited from class co.elastic.clients.elasticsearch._types.RequestBase
RequestBase.AbstractBuilder<BuilderT extends RequestBase.AbstractBuilder<BuilderT>> -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final JsonpDeserializer<SamlInvalidateRequest>Json deserializer forSamlInvalidateRequeststatic final Endpoint<SamlInvalidateRequest,SamlInvalidateResponse, ErrorResponse> Endpoint "security.saml_invalidate". -
Method Summary
Modifier and TypeMethodDescriptionfinal Stringacs()The Assertion Consumer Service URL that matches the one of the SAML realm in Elasticsearch that should be used.static SamlInvalidateRequestfinal StringRequired - The query part of the URL that the user was redirected to by the SAML IdP to initiate the Single Logout.final Stringrealm()The name of the SAML realm in Elasticsearch the configuration.voidserialize(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper) Serialize this object to JSON.protected voidserializeInternal(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper) protected static voidMethods inherited from class co.elastic.clients.elasticsearch._types.RequestBase
toString
-
Field Details
-
_DESERIALIZER
Json deserializer forSamlInvalidateRequest -
_ENDPOINT
Endpoint "security.saml_invalidate".
-
-
Method Details
-
of
public static SamlInvalidateRequest of(Function<SamlInvalidateRequest.Builder, ObjectBuilder<SamlInvalidateRequest>> fn) -
acs
The Assertion Consumer Service URL that matches the one of the SAML realm in Elasticsearch that should be used. You must specify either this parameter or therealmparameter.API name:
acs -
queryString
Required - The query part of the URL that the user was redirected to by the SAML IdP to initiate the Single Logout. This query should include a single parameter namedSAMLRequestthat contains a SAML logout request that is deflated and Base64 encoded. If the SAML IdP has signed the logout request, the URL should include two extra parameters namedSigAlgandSignaturethat contain the algorithm used for the signature and the signature value itself. In order for Elasticsearch to be able to verify the IdP's signature, the value of thequery_stringfield must be an exact match to the string provided by the browser. The client application must not attempt to parse or process the string in any way.API name:
query_string -
realm
The name of the SAML realm in Elasticsearch the configuration. You must specify either this parameter or theacsparameter.API name:
realm -
serialize
Serialize this object to JSON.- Specified by:
serializein interfaceJsonpSerializable
-
serializeInternal
-
setupSamlInvalidateRequestDeserializer
protected static void setupSamlInvalidateRequestDeserializer(ObjectDeserializer<SamlInvalidateRequest.Builder> op)
-