Adding doc for the new API introduced by elastic#64517 - /_security/saml/metadata/{realm}

BigPandaToo · BigPandaToo · commit 50cf25a5ba26 · 2020-11-15T19:14:39.000+01:00
Related to elastic#49018
diff --git a/x-pack/docs/en/rest-api/security/saml_sp_metadata.asciidoc b/x-pack/docs/en/rest-api/security/saml_sp_metadata.asciidoc
@@ -0,0 +1,43 @@
+[role="xpack"]
+[[security-api-saml-sp-metadata]]
+=== SAML sp metadata API
+
+Generate a SAML 2.0 Service Provider Metadata.
+
+[[security-api-saml-sp-metadata-request]]
+==== {api-request-title}
+
+`POST /_security/saml/metadata/<realmname>`
+
+[[security-api-saml-sp-metadata-desc]]
+==== {api-description-title}
+
+The SAML 2.0 specification provides a mechanism for Service Providers to describe their
+capabilities and configuration using a metadata file.
+This API generates Service Provider metadata, based on the configuration of a SAML realm
+in Elasticsearch.
+
+[[security-api-saml-sp-metadata-response-body]]
+==== {api-response-body-title}
+
+`metadata`::
+(string) An XML string that contains a SAML Service Providers metadata for the realm.
+
+[[security-api-saml-sp-metadata-example]]
+==== {api-examples-title}
+
+The following example generate Service Provider metadata for
+SAML realm `saml1`:
+
+[source,console]
+--------------------------------------------------
+GET /_security/saml/metadata/saml1
+--------------------------------------------------
+The API returns the following response:
+
+[source,js]
+--------------------------------------------------
+{
+    "xml_metadata":"<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" entityID=\"https://kibana.example.com/\">\n  <md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"true\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n    <md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://kibana.example.com/logout\"/>\n    <md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://kibana.example.com/api/security/v1/saml\" index=\"1\" isDefault=\"true\"/>\n  </md:SPSSODescriptor>\n</md:EntityDescriptor>\n"
+}
+--------------------------------------------------
