The POST /environments/{environmentId}/applications operation adds a new application resource to the specified environment. If you set the protocol attribute to SAML, you must provide values for the following SAML settings:

Base application data model (SAML application)

Property Required? Type
enabled Y Boolean
name Y String
description N String
type Y One of: NATIVE_APP, WEB_APP, SINGLE_PAGE_APP, SERVICE, WORKER, CUSTOM_APP
protocol Y One of: OPENID_CONNECT, SAML
homePageUrl N URL
loginPageUrl N URL
icon.id N UUID
icon.href N URL
assignActorRoles N Boolean
tags N Array, available values: PING_FED_CONNECTION_INTEGRATION
accessControl.role.type N One of: ADMIN_USERS_ONLY. For ADMIN_USERS_ONLY, users must have at least one role assigned in order to receive a token. When omitted, there is no role restriction.
accessControl.group.type N One of ALL_GROUPS, ANY_GROUP. For ALL_GROUPS, users must belong to all referenced groups, and for ANY_GROUP, users must belong to at least one referenced group. When omitted, there is no role restriction.
accessControl.group.groups N Array
accessControl.group.groups.id N UUID

Additional SAML settings

Property Required? Type
spEntityID Y String
acsUrls Y One or more URLS
assertionDuration Y Integer
defaultTargetUrl N URL
sloBinding N One of: HTTP_REDIRECT, HTTP_POST; default HTTP_POST
sloEndpoint N URL
sloResponseEndpoint N URL
responseSigned N Boolean
assertionSigned N Boolean
idpSigning.key.algorithm N String
spEncryption.algorithm N String
spEncryption.certificates.id N UUID
spVerification.authnRequestSigned N Boolean
spVerification.certificates.id N One or more UUIDs
nameIdFormat N One of: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient