...
In your API portal, you will find the Production application credentials (to be used once the application goes live) and the Sandbox credentials (to be used during the integration phase, and for all non-production environment). Several Sandbox environments can be set up (with different credentials for every sandbox) if you need to manage several test environments; just ask our team if you need more sandboxes.
2 - How does the metadata endpoint work?
...
| Info | ||
|---|---|---|
| ||
| We believe that this kind of configuration manifest should belong to your application which is why we ask for a special endpoint on your side. The other approach would be to make you fill a long and boring form inside your App Provider dashboard on maestrano.com... but that wouldn't help you keeping your code/configuration easy to read and maintain. |
Once setup, enter the URL of your metadata endpoint into your Maestrano App Provider dashboard then click on 'Update/Fetch'.
...
| Warning |
|---|
The fields listed below are listed in Snake case. As our SDKs respect languages conventions, fields' names may vary from an SDK to another (e.g.: Java SDK). Please, refer to your SDK documentation for the exact names to use. |
...
| Field | Type | Required for OpenID SSO | Required for SAML SSO | Change with the tenant and the environment | Defaults fields | Description |
|---|---|---|---|---|---|---|
| environment | string | - | - | Yes (with the env. only) | - | The environment of the platform your are integrated to; accepted values: |
| app.host | string | Yes | Yes | Yes (with the env. only) | - | Your application host To test your integration locally, see:Testing Webhooks locally |
api.id | string | Yes | Yes | Yes | - | The id of your app |
| api.host | string | Yes | Yes | Yes | if "environment" is set: value for Maestrano tenant | The platform host |
| sso.idm | string | - | - | - | same as config.app.host | Your Identity Domain Manager |
| sso.init_path | string | Yes | Yes | This value can be changed | - | Your application path that allows users to initiate the Single Sign-On handshake. Upon reaching this endpoint your application will automatically |
| sso.consume_path | string | - | Yes | This value can be changed on a per-tenant basis | - | Your application path to the SAML endpoint that allows users to finalize SSO authentication |
| sso.idp | string | Yes | Yes | Yes | if "environment" is set: | The platform host |
| sso.x509_fingerprint | string | - | Yes | Yes | if "environment" is set: | We will provide you the correct value for other tenants than Maestrano |
| sso.x509_certificate | string | - | Yes | Yes | if "environment" is set: | We will provide you the correct value for other tenants than Maestrano |
| connec.host | string | Yes | Yes | Yes | if "environment" is set: | The Connec! endpoint used to fetch data from |
| webhook.account.groups_path | string | Yes | Yes | This value can be changed on a per-tenant basis | - | Your application path where a notification will be posted |
| webhook.account.group_users_path | string | Yes | Yes | This value can be changed on a per-tenant basis | - | Your application path where a notification will be posted |
| webhook.connec.notifications_path | string | Yes | Yes | This value can be changed on a per-tenant basis | - | Your application path where notifications |
| webhook.connec.subscriptions | hash | Yes | Yes | No | false for all entities | The list of entities (organizations, people, invoices etc.) |
4 - How can I test my integration?
One of the sandboxes application should be used during the integration phase, or for any non-production environment. You can add the application to your dashboard easily by clicking on the Start Sandbox App button (API > Sandbox Tab > Start Sandbox App) and then choosing the appropriate company.
Once added to your dashboard, you can initiate the SSO process by starting the application, clicking on the application title.
...