Skip to main content
MindTouch Success Center

Identity Provider Service

An identity provider service represents a connection between a MindTouch site and an identity provider.

A SAML SSO identity provider (IdP) entity id is not the same as an identity provider service id! The identity provider service id is an arbitrary number assigned to a MindTouch-IdP connection.

You can find your identity provider service id's with an HTTP GET request to your site's services API.

https://example.com/@api/deki/site/services?type=auth

Depending upon your site configuration, an API Token may be required to access this API. The response is an XML document containing the identity provider services that are configured on the site.

<services count="4" querycount="4" totalcount="4" href="https://example.com/@api/deki/site/services">
    <service id="1" href="https://example.com.com/@api/deki/site/services/1">
        <sid>http://services.mindtouch.com/deki/draft/2006/11/dekiwiki</sid>
        <uri>https://success.mindtouch.com/@api/deki</uri>
        <type>auth</type>
        <description>Local</description>
        <date.modified>2016-10-21T23:32:17Z</date.modified>
        <status>enabled</status>
        <init>native</init>
    </service>
    <service id="2" href="https://example.com/@api/deki/site/services/3">
        <sid>sid://mindtouch/2017/12/sso/saml</sid>
        <uri>https://example.com/@api/deki</uri>
        <type>auth</type>
        <description>Partner SAML SSO Portal</description>
        <date.modified>2018-02-22T20:13:49Z</date.modified>
        <status>enabled</status>
        <init>native</init>
    </service>
    <service id="3" href="https://example.com/@api/deki/site/services/3">
        <sid>sid://mindtouch/2019/03/sso/oidc</sid>
        <uri>https://example.com.com/@api/deki</uri>
        <type>auth</type>
        <description>Customer OpenID Connect Portal</description>
        <date.modified>2018-02-22T21:14:51Z</date.modified>
        <status>enabled</status>
        <init>native</init>
    </service>
    <service id="4" href="https://example.com/@api/deki/site/services/3">
        <sid>sid://mindtouch/2017/12/sso/saml</sid>
        <uri>https://example.com.com/@api/deki</uri>
        <type>auth</type>
        <description>Active Directory Employee Sign In</description>
        <date.modified>2019-03-25T20:10:12Z</date.modified>
        <status>enabled</status>
        <init>native</init>
    </service>
</services>

If you are signed in with a site administrator account, this XML document will be verbose, containing configurations for each of these identity provider services. Each service element contains an id attribute, representing the identity provider service's id (XPath: /services/service/@id).

The identity provider service id 1 always represents the local identity provider service, the sign-in form located at Special:UserLogin.

  • Was this article helpful?