Public/Get-SFAssertion.ps1
|
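<#
.SYNOPSIS
    Returns a SAML2 assertion for the SuccessFactors API using a registered X.509 private key.

.DESCRIPTION
    Requests a SAML2 assertion by POSTing to the SuccessFactors Identity Provider
    endpoint ("<BaseUrl>/oauth/idp"). The assertion is required for the Assertion
    OAuth flow and is exchanged for an access token.

    The private key is placed in the form-encoded request body, so it leaves this
    host on every call. For that reason the function refuses any BaseUrl that is
    not an absolute https:// URL and fails before a request is made.

.PARAMETER BaseUrl
    The base URL of the SuccessFactors API instance. Must be an absolute https://
    URL; a trailing slash is ignored.

.PARAMETER UserID
    The SuccessFactors user ID for SAML assertion generation.

.PARAMETER ClientID
    The OAuth 2.0 client ID registered in SuccessFactors.

.PARAMETER TokenEndpointURL
    The SuccessFactors OAuth token endpoint URL. Sent as the token_url form field.

.PARAMETER PrivateKey
    The PEM-encoded X.509 private key for assertion signing. Sent as the
    private_key form field.

.OUTPUTS
    The response of the endpoint as deserialized by Invoke-RestMethod. The exact
    type depends on the response content type, so callers should not assume a
    Hashtable.

.NOTES
    Security considerations for callers:
      - PrivateKey is a plain [string]; it can end up in transcripts, debug
        traces and crash dumps of the calling process. Load it from a secret
        store as late as possible and do not log the arguments of this call.
      - Any TLS-inspecting proxy between this host and BaseUrl sees the key.
      - NOTE(review): SAP's documentation has described /oauth/idp as deprecated
        and recommends building and signing the assertion locally so the key
        never leaves the host. Confirm against current SAP guidance before
        relying on this function in production.
#>
function Get-SFAssertion {
    param(
        [Parameter(Mandatory = $true)]
        [string] $BaseUrl,

        [Parameter(Mandatory = $true)]
        [string] $UserID,

        [Parameter(Mandatory = $true)]
        [string] $ClientID,

        [Parameter(Mandatory = $true)]
        [string] $TokenEndpointURL,

        [Parameter(Mandatory = $true)]
        [string] $PrivateKey
    )

    # Drop trailing slashes so the request path is not built as "//oauth/idp".
    $trimmedBase = $BaseUrl.TrimEnd('/')

    # The request body carries the signing key: never send it over cleartext HTTP
    # or to something that is not a well-formed absolute URL.
    $parsedBase = $null
    $isAbsolute = [System.Uri]::TryCreate($trimmedBase, [System.UriKind]::Absolute, [ref] $parsedBase)
    if (-not $isAbsolute -or $parsedBase.Scheme -ne 'https') {
        throw "Refusing to send the private key to '$BaseUrl': BaseUrl must be an absolute https:// URL."
    }

    $uri = "$trimmedBase/oauth/idp"

    # Form fields expected by the endpoint; Invoke-RestMethod form-encodes a hashtable body.
    $body = @{
        user_id     = $UserID
        client_id   = $ClientID
        token_url   = $TokenEndpointURL
        private_key = $PrivateKey
    }

    try {
        $assertion = Invoke-RestMethod -Method Post -Uri $uri -ContentType 'application/x-www-form-urlencoded' -Body $body
        return $assertion
    }
    catch {
        # Only the URI and the underlying error text are reported; the request
        # body (and therefore the key) is deliberately kept out of the message.
        throw "Failed to obtain SuccessFactors assertion from '$uri': $_"
    }
}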