Service Provider Related Tables¶
This section lists out all the service provider related tables and their attributes in the WSO2 Identity Server database.
When a Service Provider is added, the details are stored in this table. The APP_NAME column represents the Service Provider name. Following are the columns of the table.
Inbound authentication configuration details of a Service Provider are
stored in this table. For each type of associated inbound authentication
configuration for a Service Provider, there will be a separate record
(i.e. OpenID, PassiveSTS, SAMLSSO). If the inbound authentication
configuration is SAMLSSO (value in
will have a property named “Attribute Consuming Service Index” in the
PROP_NAME and the value is a random integer stored in
PROP_VALUE column. Following are the columns of the table.
The Service Providers can define how to authenticate users at the
Identity Server, for authentication requests initiated by it. While
doing that, each Service Provider can define multiple steps and for each
step it can pick more than one authenticator. This is called as
Multi-level (multi-factor) Authentication. This table stores each
authentication step added to the Service Provider. Service Provider is
represented by the
APP_ID. If multiple authentication steps are added
for one Service Provider, the order is maintained in the STEP_ORDER
column. Following are the columns of the table.
For a Service Provider, Federated Identity Providers can be added for
authentication. The Federated Identity Providers for a Service Provider
are stored in this table. Here the ID column points to the ID column of
SP_AUTH_STEP table. Following are the columns of the table.
When the claims of the Identity Provider are different from the Service
Provider, corresponding claims can be mapped from this table for each
Service Provider. The Service Provider ID is given in
APP_ID and the
SP_CLAIM are the Identity Provider and Service Provider
claims respectively. Following are the columns of the table.
When there are user roles defined in the Identity Provider side (here
WSO2 Identity Server) and also in the client application side, the roles
in both sides can be mapped together accordingly through the Service
Provider. The Service Provider ID is given in
APP_ID and the client
application side role is given in
SP_ROLE where the Identity Provider’s
side role is given in
IDP_ROLE. This way, the client application
developers do not need to know the available roles in the Identity
Provider as the roles can be mapped and linked together. Following are
the columns of the table.
If a RequestPathAuthenticator is added to a Service Provider, that is
recorded in this table. Service Provider ID is given in
AUTHENTICATOR_NAME column will contain the name of the request path
authenticator. Following are the columns of the table.
Outbound Provisioning Connectors can be added to the Identity Providers
for user provisioning. Those Provisioning Connectors can be linked to a
Service Provider. For a Service Provider, the associated Provisioning
Connectors are stored in this table.
IDP_NAME column has the Identity
Provider name and the
CONNECTOR_NAME column has the name of the
APP_ID column has the ID of the Service
Provider. Following are the columns of the table.