mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-18 12:37:02 +02:00
Code Issues Projects Releases Wiki Activity
ef901b1bc4
vault/website/content/api-docs/secret/identity/mfa/pingid.mdx
Hamid Ghaf 3f4a7602b9
docs for named login MFA (#18833) 
* docs for named login MFA

* feedback
2023-02-01 10:30:14 -05:00

141 lines
3.6 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: api
page_title: /identity/mfa/method/pingid - HTTP API
description: >-
The '/identity/mfa/method/pingid' endpoint focuses on managing PingID MFA behaviors in Vault.
---
## Configure PingID MFA Method
This endpoint defines an MFA method of type PingID.
| Method | Path |
| :----- | :-------------------------------- |
| `POST` | `/identity/mfa/method/pingid/:method_id` |
### Parameters
- `method_id` `(string: "")` - Optional UUID to specify if updating an existing method.
- `method_name` `(string)` - The unique name identifier for this MFA method. Supported from Vault 1.13.0.
- `username_format` `(string)` - A template string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{identity.entity.name}}@example.com"`. If blank, the Entity's Name field is used as-is.
- `settings_file_base64` `(string: <required>)` - A base64-encoded third-party settings file retrieved from PingID's configuration page.
### Sample Payload
```json
{
"username_format": "{{identity.entity.aliases.auth_userpass_1793464a.name}}",
"settings_file_base64": "AA8owj3..."
}
```
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/identity/mfa/method/pingid
```
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/identity/mfa/method/pingid/f8381105-67f0-4105-8662-4b07ae5c1233
```
## Read PingID MFA Method
This endpoint queries the MFA configuration of PingID type for a given method
name.
| Method | Path |
| :----- | :-------------------------------- |
| `GET` | `/identity/mfa/method/pingid/:id` |
### Parameters
- `id` `(string: <required>)` UUID of the MFA method.
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request GET \
http://127.0.0.1:8200/v1/identity/mfa/method/pingid/f8381105-67f0-4105-8662-4b07ae5c1233
```
### Sample Response
```json
{
"data": {
"use_signature": true,
"idp_url": "https://idpxnyl3m.pingidentity.com/pingid",
"admin_url": "https://idpxnyl3m.pingidentity.com/pingid",
"authenticator_url": "https://authenticator.pingone.com/pingid/ppm",
"id": "f8381105-67f0-4105-8662-4b07ae5c1233",
"org_alias": "181459b0-9fb1-4938-8c86...",
"type": "pingid",
}
}
```
## Delete PingID MFA Method
This endpoint deletes a PingID MFA method. MFA methods can only be deleted if they're not currently in use
by a [login enforcement](/vault/api-docs/secret/identity/mfa/login-enforcement).
| Method | Path |
| :------- | :-------------------------------- |
| `DELETE` | `/identity/mfa/method/pingid/:id` |
### Parameters
- `id` `(string: <required>)` - UUID of the MFA method.
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/identity/mfa/method/pingid/f8381105-67f0-4105-8662-4b07ae5c1233
```
## List PingID MFA Methods
This endpoint lists PingID MFA methods that are visible in the current namespace or in parent namespaces.
| Method | Path |
| :----- | :---------------------------- |
| `LIST` | `/identity/mfa/method/pingid` |
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request LIST \
http://127.0.0.1:8200/v1/identity/mfa/method/pingid
```
### Sample Response
```json
{
"data": {
"keys": [
"f8381105-67f0-4105-8662-4b07ae5c1233"
]
}
}
```
Reference in New Issue View Git Blame Copy Permalink