Changing SAML parameters of Enterprise Applications programatically.

Question

Hi,

I want to programatically change the SAML(SSO) setting for a already configured enterprise application.

The important thing we want to change is Relay state url.

1. How to configure cli(or python script) with access keys to make the api call to Azure.
2. How to change the relay state url(or other SAML parameters) through API call. I tried exploring graph API's but I am not seeing relay state url in response.

Thanks

Answer 1

Hi @Himanshu Vaish ,

Thanks for reaching out.

I understand you are trying to update the SAML settings of Enterprise application using Graph API so you can call API programmatically.

1.How to change the relay state url(or other SAML parameters) through API call. I tried exploring graph API's but I am not seeing relay state url in response.

You can update the relay state URL and other parameters using Graph API

PATCH https://graph.microsoft.com/v1.0/servicePrincipals/<servicePrincipalId>

where service Principal Id is the object id of the Enterprise application.

You can check the updated value using Get command

2.How to configure cli(or python script) with access keys to make the api call to Azure.

You can also update the SAML parameters using below Powershell commands:

$ServicePrincipalUpdate =@{  
  "RelayState" = "https://signin.aws.amazon.com/saml"  
  }  
  
Update-MgServicePrincipal -ServicePrincipalId '<servicePrincipalId>' -samlSingleSignOnSettings $ServicePrincipalUpdate  

The same will get updated in the portal as well.

Then using the subprocess library in python, you can execute the powershell commands programatically.

Reference : https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.applications/update-mgserviceprincipal?view=graph-powershell-1.0

Thanks,
Shweta

-----------------------------------------

Please remember to "Accept Answer" if answer helped you.

Answer 2

Thanks a lot Shweta. I am able to make changes via CLI.