Anthropic-Cybersecurity-Skills/skills/implementing-saml-sso-with-okta/references/api-reference.md
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00


# API Reference: Implementing SAML SSO with Okta
## Okta Admin API Endpoints
| Endpoint | Method | Purpose |
|----------|--------|---------|
| `/api/v1/apps` | GET | List applications (filter by SAML) |
| `/api/v1/apps/{id}/sso/saml/metadata` | GET | Retrieve SAML metadata XML |
| `/api/v1/apps/{id}/users` | GET | List user assignments |
| `/api/v1/apps/{id}/groups` | GET | List group assignments |
| `/api/v1/policies?type=OKTA_SIGN_ON` | GET | Check MFA policies |
## SAML Security Checks
| Check | Severity | Description |
|-------|----------|-------------|
| SHA-256 signature | High | SignatureMethod must not use SHA-1 |
| Assertion encryption | Medium | Encrypt assertions in transit |
| AudienceRestriction | High | Must limit assertion audience |
| Certificate expiry | Critical | Monitor signing cert expiration |
| SingleLogoutService | Medium | SLO endpoint should be configured |
| MFA enforcement | High | Require MFA for SAML authentication |
## SAML XML Namespaces
| Prefix | URI |
|--------|-----|
| md | `urn:oasis:names:tc:SAML:2.0:metadata` |
| ds | `http://www.w3.org/2000/09/xmldsig#` |
| saml | `urn:oasis:names:tc:SAML:2.0:assertion` |
## Python Libraries
| Library | Version | Purpose |
|---------|---------|---------|
| `requests` | >=2.28 | Okta API communication |
| `xml.etree.ElementTree` | stdlib | SAML metadata parsing |
| `ssl` | stdlib | Certificate expiry checking |
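
The following is an added example, not the skill's own `scripts/agent.py`: it applies three of the checks from the table above (SHA-1 signature algorithms, missing `SingleLogoutService`, missing `AudienceRestriction`) using `xml.etree.ElementTree` and the namespace URIs listed earlier. The function name `audit_saml_xml` and both sample documents are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespace prefixes and URIs taken from the "SAML XML Namespaces" table
NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed sample: signed IdP metadata using RSA-SHA1 and no SLO endpoint
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/constructed">
  <ds:Signature><ds:SignedInfo>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/></ds:Reference>
  </ds:SignedInfo></ds:Signature>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://idp.example.test/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

# Constructed sample: assertion whose Conditions carry no AudienceRestriction
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1">
  <saml:Conditions NotBefore="2026-01-01T00:00:00Z" NotOnOrAfter="2026-01-01T00:05:00Z"/>
</saml:Assertion>"""


def audit_saml_xml(xml_text):
    """Return (severity, check, detail) findings for SAML metadata or an assertion."""
    # ElementTree is fine for metadata from your own org; use defusedxml for untrusted XML
    root = ET.fromstring(xml_text)
    findings = []
    # SHA-256 signature: flag any signature or digest algorithm URI ending in "sha1"
    for tag in ("SignatureMethod", "DigestMethod"):
        for el in root.iter("{%s}%s" % (NS["ds"], tag)):
            alg = el.get("Algorithm", "")
            if alg.lower().endswith("sha1"):
                findings.append(("High", "SHA-256 signature", f"{tag} uses {alg}"))
    # SingleLogoutService: only meaningful when the document is metadata
    if root.tag == "{%s}EntityDescriptor" % NS["md"]:
        if root.find(".//md:SingleLogoutService", NS) is None:
            findings.append(("Medium", "SingleLogoutService", "no SLO endpoint in metadata"))
    # AudienceRestriction: every assertion (root included) must name an Audience
    for a in root.iter("{%s}Assertion" % NS["saml"]):
        if a.find("saml:Conditions/saml:AudienceRestriction/saml:Audience", NS) is None:
            findings.append(("High", "AudienceRestriction", f"assertion {a.get('ID')} has no Audience"))
    return findings
```

Certificate expiry, assertion encryption and MFA enforcement are not covered here; they need the signing certificate's validity dates and the sign-on policy data rather than these XML elements.
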
## References
- Okta SAML Docs: https://developer.okta.com/docs/concepts/saml/
- Okta API: https://developer.okta.com/docs/reference/api/apps/
- OWASP SAML Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/SAML_Security_Cheat_Sheet.html