The POST /environments/{{envID}}/propagation/stores operation adds a new identity store resource to the specified environment resource.

Prerequisites

See Propagation store base data model and Propagation store Azure Active Directory SAML V2.0 configuration data model for full property descriptions.

| Property | Type | Required? |
| --- | --- | --- |
| configuration.ClientId | String | Required |
| configuration.ClientSecret | String | Required |
| configuration.CREATE_NEW_USERS (Deprecated) | Boolean | Optional |
| configuration.CREATE_USERS | Boolean | Optional |
| configuration.DEPROVISION_USER_ACTION_PROV_OPT (Deprecated) | Boolean | Optional |
| configuration.DEPROVISION_USERS | Boolean | Optional |
| configuration.DISABLE_USERS | Boolean | Optional |
| configuration.PROVISION_DISABLED_USERS_PROV_OPT | Boolean | Optional |
| configuration.REMOVE_ACTION | String | Optional |
| configuration.REMOVE_USERS_PROV_OPT (Deprecated) | Boolean | Optional |
| configuration.RemoveLicensesWhenSkuIdEmpty | Boolean | Required |
| configuration.TenantDomain | String | Required |
| configuration.UPDATE_NEW_USERS (Deprecated) | Boolean | Optional |
| configuration.UPDATE_USERS | Boolean | Optional |
| description | String | Optional |
| image.href | String | Optional |
| managed | Boolean | Optional |
| name | String | Required |
| status | String | Optional |
| type | String | Required |

Two properties appear in the response to Identity Propagation Store Metadata (AzureActiveDirectorySAML2) that are not listed in this request model. The required property, DefaultPassword, and the optional property, DoBase64Conversion (if required for ImmutableId), must be implemented as a rule mapping using Create Rule Mapping. You must write an appropriate PingOne Expression Language (PEL) expression for the rule mapping expression property. Implement DefaultPassword as part of the PEL for the rule mapping for the required password property.

This operation sends and returns the connection properties for an identity store with "type":"AzureActiveDirectorySAML2". For information on the available and required keys in the configuration object of the request body, review connectionProfiles[].connectionAttributes[] and attributeMetadata.capabilities[] in the response to POST Identity Propagation Store Metadata (AzureActiveDirectorySAML2).
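A pre-flight check of a request body against the property table and the rule-mapping note above, as an added example that is not part of the PingOne documentation or SDK. The function names, finding strings and sample body are constructed for illustration; the property names, types and required/deprecated flags are transcribed from the table.

```python
# Added example: schema sets transcribed from the property table on this page.
def _cfg(*names):
    return {"configuration." + n for n in names}

DEPRECATED = _cfg("CREATE_NEW_USERS", "DEPROVISION_USER_ACTION_PROV_OPT",
                  "REMOVE_USERS_PROV_OPT", "UPDATE_NEW_USERS")
BOOLEANS = DEPRECATED | {"managed"} | _cfg(
    "CREATE_USERS", "DEPROVISION_USERS", "DISABLE_USERS",
    "PROVISION_DISABLED_USERS_PROV_OPT", "RemoveLicensesWhenSkuIdEmpty", "UPDATE_USERS")
STRINGS = {"name", "type", "description", "status", "image.href"} | _cfg(
    "ClientId", "ClientSecret", "TenantDomain", "REMOVE_ACTION")
REQUIRED = {"name", "type"} | _cfg(
    "ClientId", "ClientSecret", "TenantDomain", "RemoveLicensesWhenSkuIdEmpty")
RULE_MAPPING_ONLY = {"DefaultPassword", "DoBase64Conversion"}  # matched by leaf name

def flatten(obj, prefix=""):
    """Flatten nested objects to the table's dotted keys (image.href, configuration.X)."""
    flat = {}
    for key, value in obj.items():
        if isinstance(value, dict):
            flat.update(flatten(value, prefix + key + "."))
        else:
            flat[prefix + key] = value
    return flat

def check_store_body(body):
    """Return sorted findings; an empty list means the body matches the table."""
    flat, findings = flatten(body), []
    findings += [f"missing required: {k}" for k in REQUIRED - set(flat)]
    for key, value in flat.items():
        if key.rsplit(".", 1)[-1] in RULE_MAPPING_ONLY:
            findings.append(f"rule mapping only: {key}")
        elif key in BOOLEANS and not isinstance(value, bool):
            findings.append(f"expected Boolean: {key}")
        elif key in STRINGS and not isinstance(value, str):
            findings.append(f"expected String: {key}")
        elif key not in BOOLEANS | STRINGS:
            findings.append(f"not in table: {key}")
        if key in DEPRECATED:
            findings.append(f"deprecated: {key}")
    return sorted(findings)

# Constructed sample body with placeholder values (no real credentials).
SAMPLE = {"name": "Example store", "type": "AzureActiveDirectorySAML2", "configuration": {
    "ClientId": "<client-id>", "ClientSecret": "<client-secret>",
    "TenantDomain": "example.onmicrosoft.com",
    "RemoveLicensesWhenSkuIdEmpty": "false",  # String where the table says Boolean
    "CREATE_NEW_USERS": True,                 # deprecated per the table
    "DefaultPassword": "<placeholder>"}}      # belongs in a rule mapping, not here
```

A "not in table" finding is a prompt to check the key against the metadata response, since that response is the authority on available configuration keys.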