Single Sign on with SAML via API

Question

Hi Team ,
Need help in Uploading the meta data via API to make single sign on with SAML.

Steps done so far.

1.Able to get the access token.

2.upload SAML meta data - facing an issue mentioned below.

 
saml_metadata = "" # here the metatadata content is been sent

url =f'https://graph.microsoft.com/v1.0/applications/{application_id}/federatedIdentityCredentials'

# The payload for the API request
payload = {
    "name": "saml_azure",
    "issuer": "https://sts.windows.net/{tenant_id}/",
    #"metadataUrl": "https://login.microsoftonline.com/{tenant_id}/federationmetadata/2007-06/federationmetadata.xml",
    "metadata": saml_metadata
}

# The headers for the API request
headers = {
    'Authorization': f'Bearer {access_token}',
    'Content-Type': 'application/json'
}

# Make the API request to upload the SAML metadata
response = requests.post(url, json=payload, headers=headers)

Output:

Failed to upload SAML metadata. Status code: 400

Response: {"error":{"code":"Request_BadRequest","message":"Property 'subject' cannot be empty.","innerError":{"date":"2024-10-15T08:34:49","request-id":"10fa3e6b-902d-42a0-a9cc-d68e78271833","client-request-id":"10fa3e6b-902d-42a0-a9cc-d68e78271833"}}}

PS C:\Users\naigad\OneDrive - NetApp Inc\Desktop\SAML>

Answer 1

Hello Naiga, Divya,

Thank you for reaching out to Microsoft Support!

According to the document, when you Create federatedIdentityCredential, at the Request the body has four attributes is necessary, audiences, issuer, name, and the subject, You've provided the values for the first three attributes in your payload variable, but the value for subject is missing.

Enter the value as required in the document.

Hope this helps.

If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.