This section explains how to use the
qq saml_modify_settings command.Description
Modify cluster SAML configuration
Usage
qq saml_modify_settings [-h] [--disable | --enable] [--idp-sso-url IDP_SSO_URL] [--idp-certificate IDP_CERTIFICATE | --idp-certificate-file IDP_CERTIFICATE_FILE]
[--idp-entity-id IDP_ENTITY_ID] [--cluster-dns-name CLUSTER_DNS_NAME] [--require-sso {true,false}]
Flags
| Flag Name | Required | Description |
|---|---|---|
--disable
|
No | Disable authentication via SAML |
--enable
|
No | Enable authentication via SAML |
--idp-sso-url
|
No | Sets the cluster's configured IDP SSO URL. |
--idp-certificate
|
No | Sets the cluster's configured IDP public key with the given value in PEM format. |
--idp-certificate-file
|
No | Sets the cluster's configured IDP public key from a PEM file. |
--idp-entity-id
|
No | Sets the URI for the IDP this cluster trusts to authenticate users via SAML. |
--cluster-dns-name
|
No | Sets the cluster's configured DNS name (must be FQDN). |
--require-sso
|
No | If set, requires SSO for Active Directory (AD) users to be able to manage this cluster. The cluster rejects password-based authentication from AD users of the Web UI, qq CLI, and REST API. This setting does not restrict access over file protocols such as SMB. |