Get

Returns the specified federation.

To get the list of available federations, make a List request.

TypeScript
Python

import { cloudApi, serviceClients, Session } from "@yandex-cloud/nodejs-sdk";

const GetFederationRequest =
  cloudApi.iam.workload_oidc_federation_service.GetFederationRequest;

(async () => {
  const authToken = process.env["YC_OAUTH_TOKEN"];
  const session = new Session({ oauthToken: authToken });
  const client = session.client(serviceClients.FederationServiceClient);

  const result = await client.get(
    GetFederationRequest.fromPartial({
      federationId: "federationId",
    })
  );
  console.log(result);
})();

import os
import grpc
import yandexcloud

from yandex.cloud.iam.v1.workload.oidc.federation_service_pb2_grpc import FederationServiceStub
from yandex.cloud.iam.v1.workload.oidc.federation_service_pb2 import GetFederationRequest

token = os.getenv("YC_OAUTH_TOKEN")

sdk = yandexcloud.SDK(token=token)

service = sdk.client(FederationServiceStub)
response = service.Get(GetFederationRequest(federation_id="federationId"))
print(response)

GetFederationRequest

`federationId` : string

ID of the federation to return. To get the federation ID, make a FederationService.List request.

Federation

A federation. For more information, see SAML-compatible identity federations.

`id` : string

ID of the federation.

`organizationId` : string

ID of the organization that the federation belongs to.

`name` : string

Name of the federation.

`description` : string

Description of the federation.

`createdAt` : google.protobuf.Timestamp

Creation timestamp.

`cookieMaxAge` : google.protobuf.Duration

Browser cookie lifetime in seconds. If the cookie is still valid, the management console authenticates the user immediately and redirects them to the home page.

`autoCreateAccountOnLogin` : bool

Add new users automatically on successful authentication. The user becomes member of the organization automatically, but you need to grant other roles to them.

If the value is false, users who aren't added to the organization can't log in, even if they have authenticated on your server.

`issuer` : string

ID of the IdP server to be used for authentication. The IdP server also responds to IAM with this ID after the user authenticates.

`ssoBinding` : BindingType

Single sign-on endpoint binding type. Most Identity Providers support the POST binding type.

SAML Binding is a mapping of a SAML protocol message onto standard messaging formats and/or communications protocols.

`ssoUrl` : string

Single sign-on endpoint URL. Specify the link to the IdP login page here.

`securitySettings` : FederationSecuritySettings

Federation security settings.

`caseInsensitiveNameIds` : bool

Use case insensitive Name IDs.

`labels` : string

Resource labels as key:value pairs. Maximum of 64 per resource.

FederationSecuritySettings

Federation security settings.

`encryptedAssertions` : bool

Enable encrypted assertions.

`forceAuthn` : bool

Value parameter ForceAuthn in SAMLRequest.

Get

GetFederationRequest​

federationId : string​

Federation​

id : string​

organizationId : string​

name : string​

description : string​

createdAt : google.protobuf.Timestamp​

cookieMaxAge : google.protobuf.Duration​

autoCreateAccountOnLogin : bool​

issuer : string​

ssoBinding : BindingType​

ssoUrl : string​

securitySettings : FederationSecuritySettings​

caseInsensitiveNameIds : bool​

labels : string​

FederationSecuritySettings​

encryptedAssertions : bool​

forceAuthn : bool​