Class: Sso
The Single Sign-On (SSO) object provides a structure for normalizing SSO
attributes, configuration, and/or settings from Identity Providers.
URI: ocsf:Sso
classDiagram
class Sso
click Sso href "../Sso/"
Object <|-- Sso
click Object href "../Object/"
Sso : auth_protocol
Sso : auth_protocol_id
Sso --> "0..1" AuthProtocolIdEnum : auth_protocol_id
click AuthProtocolIdEnum href "../AuthProtocolIdEnum/"
Sso : certificate
Sso --> "0..1 _recommended_" Certificate : certificate
click Certificate href "../Certificate/"
Sso : created_time
Sso : duration_mins
Sso : idle_timeout
Sso : login_endpoint
Sso : logout_endpoint
Sso : metadata_endpoint
Sso : modified_time
Sso : name
Sso : protocol_name
Sso : scopes
Sso : uid
Sso : vendor_name
Inheritance
- OcsfObject
- Object
- Sso
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| auth_protocol | 0..1 String | The authorization protocol as defined by the caption of | direct |
| auth_protocol_id | 0..1 AuthProtocolIdEnum | The normalized identifier of the authentication protocol used by the SSO | direct |
| certificate | 0..1 recommended Certificate | Digital Signature associated with the SSO resource, e | direct |
| created_time | 0..1 TimestampT | When the SSO resource was created | direct |
| duration_mins | 0..1 Integer | The duration (in minutes) for an SSO session, after which re-authentication i... | direct |
| idle_timeout | 0..1 Integer | Duration (in minutes) of allowed inactivity before Single Sign-On (SSO) sessi... | direct |
| login_endpoint | 0..1 UrlT | URL for initiating an SSO login request | direct |
| logout_endpoint | 0..1 UrlT | URL for initiating an SSO logout request, allowing sessions to be terminated | direct |
| metadata_endpoint | 0..1 UrlT | URL where metadata about the SSO configuration is available (e | direct |
| modified_time | 0..1 TimestampT | The most recent time when the SSO resource was updated | direct |
| name | 0..1 recommended String | The name of the SSO resource | direct |
| protocol_name | 0..1 String | The supported protocol for the SSO resource | direct |
| scopes | * String | Scopes define the specific permissions or actions that the client is allowed ... | direct |
| uid | 0..1 recommended String | A unique identifier for a SSO resource | direct |
| vendor_name | 0..1 String | Name of the vendor or service provider implementing SSO | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| Idp | sso | range | Sso |
In Subsets
Aliases
- SSO
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:Sso |
| native | ocsf:Sso |
LinkML Source
Direct
name: Sso
description: 'The Single Sign-On (SSO) object provides a structure for normalizing SSO attributes, configuration, and/or settings from Identity Providers.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- SSO
is_a: Object
slots:
- auth_protocol
- auth_protocol_id
- certificate
- created_time
- duration_mins
- idle_timeout
- login_endpoint
- logout_endpoint
- metadata_endpoint
- modified_time
- name
- protocol_name
- scopes
- uid
- vendor_name
slot_usage:
  auth_protocol:
    name: auth_protocol
    description: 'The authorization protocol as defined by the caption of <code>auth_protocol_id</code>. In the case of <code>Other</code>, it is defined by the event source.'
  auth_protocol_id:
    name: auth_protocol_id
    description: 'The normalized identifier of the authentication protocol used by the SSO resource.'
  certificate:
    name: certificate
    description: 'Digital Signature associated with the SSO resource, e.g., SAML X.509 certificate details.'
    recommended: true
  created_time:
    name: created_time
    description: When the SSO resource was created.
  duration_mins:
    name: duration_mins
    description: 'The duration (in minutes) for an SSO session, after which re-authentication is required.'
  idle_timeout:
    name: idle_timeout
    description: 'Duration (in minutes) of allowed inactivity before Single Sign-On (SSO) session expiration.'
  login_endpoint:
    name: login_endpoint
    description: URL for initiating an SSO login request.
  logout_endpoint:
    name: logout_endpoint
    description: 'URL for initiating an SSO logout request, allowing sessions to be terminated across applications.'
  metadata_endpoint:
    name: metadata_endpoint
    description: 'URL where metadata about the SSO configuration is available (e.g., for SAML configurations).'
  modified_time:
    name: modified_time
    description: The most recent time when the SSO resource was updated.
  name:
    name: name
    description: The name of the SSO resource.
    recommended: true
  protocol_name:
    name: protocol_name
    description: 'The supported protocol for the SSO resource. E.g., <code>SAML</code> or <code>OIDC</code>.'
  uid:
    name: uid
    description: A unique identifier for a SSO resource.
    recommended: true
  vendor_name:
    name: vendor_name
    description: 'Name of the vendor or service provider implementing SSO. E.g., <code>Okta</code>, <code>Auth0</code>, <code>Microsoft</code>.'
Induced
name: Sso
description: 'The Single Sign-On (SSO) object provides a structure for normalizing SSO attributes, configuration, and/or settings from Identity Providers.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- SSO
is_a: Object
slot_usage:
  auth_protocol:
    name: auth_protocol
    description: 'The authorization protocol as defined by the caption of <code>auth_protocol_id</code>. In the case of <code>Other</code>, it is defined by the event source.'
  auth_protocol_id:
    name: auth_protocol_id
    description: 'The normalized identifier of the authentication protocol used by the SSO resource.'
  certificate:
    name: certificate
    description: 'Digital Signature associated with the SSO resource, e.g., SAML X.509 certificate details.'
    recommended: true
  created_time:
    name: created_time
    description: When the SSO resource was created.
  duration_mins:
    name: duration_mins
    description: 'The duration (in minutes) for an SSO session, after which re-authentication is required.'
  idle_timeout:
    name: idle_timeout
    description: 'Duration (in minutes) of allowed inactivity before Single Sign-On (SSO) session expiration.'
  login_endpoint:
    name: login_endpoint
    description: URL for initiating an SSO login request.
  logout_endpoint:
    name: logout_endpoint
    description: 'URL for initiating an SSO logout request, allowing sessions to be terminated across applications.'
  metadata_endpoint:
    name: metadata_endpoint
    description: 'URL where metadata about the SSO configuration is available (e.g., for SAML configurations).'
  modified_time:
    name: modified_time
    description: The most recent time when the SSO resource was updated.
  name:
    name: name
    description: The name of the SSO resource.
    recommended: true
  protocol_name:
    name: protocol_name
    description: 'The supported protocol for the SSO resource. E.g., <code>SAML</code> or <code>OIDC</code>.'
  uid:
    name: uid
    description: A unique identifier for a SSO resource.
    recommended: true
  vendor_name:
    name: vendor_name
    description: 'Name of the vendor or service provider implementing SSO. E.g., <code>Okta</code>, <code>Auth0</code>, <code>Microsoft</code>.'
attributes:
  auth_protocol:
    name: auth_protocol
    description: 'The authorization protocol as defined by the caption of <code>auth_protocol_id</code>. In the case of <code>Other</code>, it is defined by the event source.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Auth Protocol
    rank: 1000
    alias: auth_protocol
    owner: Sso
    domain_of:
    - Scim
    - Sso
    - Authentication
    - DroneFlightsActivity
    range: string
  auth_protocol_id:
    name: auth_protocol_id
    annotations:
      sibling:
        tag: sibling
        value: auth_protocol
    description: 'The normalized identifier of the authentication protocol used by the SSO resource.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Auth Protocol ID
    rank: 1000
    alias: auth_protocol_id
    owner: Sso
    domain_of:
    - Scim
    - Sso
    - Authentication
    - DroneFlightsActivity
    range: AuthProtocolIdEnum
  certificate:
    name: certificate
    description: 'Digital Signature associated with the SSO resource, e.g., SAML X.509 certificate details.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Certificate
    rank: 1000
    alias: certificate
    owner: Sso
    domain_of:
    - Sso
    - Tls
    - DigitalSignature
    - Authentication
    range: Certificate
    recommended: true
  created_time:
    name: created_time
    description: When the SSO resource was created.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Created Time
    rank: 1000
    alias: created_time
    owner: Sso
    domain_of:
    - Osint
    - RelatedEvent
    - Sbom
    - Scim
    - Session
    - Sso
    - Token
    - Whois
    - Resource
    - Advisory
    - AuthenticationToken
    - Certificate
    - Cve
    - Database
    - Databucket
    - DigitalSignature
    - Enrichment
    - Epss
    - File
    - FindingObject
    - FindingInfo
    - Job
    - KbArticle
    - LdapPerson
    - ProcessEntity
    - Table
    - Device
    range: TimestampT
  duration_mins:
    name: duration_mins
    description: 'The duration (in minutes) for an SSO session, after which re-authentication is required.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Duration Minutes
    rank: 1000
    alias: duration_mins
    owner: Sso
    domain_of:
    - Sso
    - Timespan
    range: integer
  idle_timeout:
    name: idle_timeout
    description: 'Duration (in minutes) of allowed inactivity before Single Sign-On (SSO) session expiration.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - SSO Idle Timeout
    rank: 1000
    alias: idle_timeout
    owner: Sso
    domain_of:
    - Sso
    range: integer
  login_endpoint:
    name: login_endpoint
    description: URL for initiating an SSO login request.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Login Endpoint
    rank: 1000
    alias: login_endpoint
    owner: Sso
    domain_of:
    - Sso
    range: UrlT
  logout_endpoint:
    name: logout_endpoint
    description: 'URL for initiating an SSO logout request, allowing sessions to be terminated across applications.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Logout Endpoint
    rank: 1000
    alias: logout_endpoint
    owner: Sso
    domain_of:
    - Sso
    range: UrlT
  metadata_endpoint:
    name: metadata_endpoint
    description: 'URL where metadata about the SSO configuration is available (e.g., for SAML configurations).'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Metadata Endpoint
    rank: 1000
    alias: metadata_endpoint
    owner: Sso
    domain_of:
    - Sso
    range: UrlT
  modified_time:
    name: modified_time
    description: The most recent time when the SSO resource was updated.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Modified Time
    rank: 1000
    alias: modified_time
    owner: Sso
    domain_of:
    - Osint
    - RelatedEvent
    - Scim
    - Sso
    - Token
    - Resource
    - Advisory
    - Cve
    - Database
    - Databucket
    - File
    - FindingObject
    - FindingInfo
    - LdapPerson
    - Metadata
    - Table
    - Device
    - RegKey
    - RegValue
    range: TimestampT
  name:
    name: name
    description: The name of the SSO resource.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Name
    rank: 1000
    alias: name
    owner: Sso
    domain_of:
    - AnalysisTarget
    - Observable
    - Os
    - Osint
    - Package
    - Parameter
    - PrivilegeInfo
    - San
    - Scim
    - Script
    - ServicePrivilegeAnalysis
    - SoftwareComponent
    - Sso
    - StartupItem
    - ThreatActor
    - Token
    - Entity
    - Resource
    - Account
    - Agent
    - AiModel
    - Aircraft
    - Analytic
    - ApplicationObject
    - Assessment
    - AutonomousSystem
    - Campaign
    - Check
    - CisBenchmark
    - CisBenchmarkResult
    - CisControl
    - ClassifierDetails
    - Container
    - D3fTactic
    - D3fTechnique
    - Database
    - Databucket
    - DomainContact
    - Edge
    - Endpoint
    - Enrichment
    - EnvironmentVariable
    - Evidences
    - Extension
    - Feature
    - File
    - Graph
    - Group
    - HttpCookie
    - HttpHeader
    - Idp
    - Image
    - Job
    - Kernel
    - KeyValueObject
    - LoadBalancer
    - Logger
    - Malware
    - ManagedEntity
    - MessageContext
    - Metric
    - Mitigation
    - NetworkInterface
    - Node
    - Organization
    - PeripheralDevice
    - Policy
    - ProcessEntity
    - Product
    - QueryInfo
    - Reporter
    - ResourceDetails
    - Rule
    - Scan
    - Service
    - SubTechnique
    - Table
    - Tactic
    - Technique
    - Trait
    - TransformationInfo
    - UnmannedAerialSystem
    - User
    - WebResource
    - Device
    - FtpActivity
    - RegValue
    - WinResource
    - WinService
    - PrefetchQuery
    range: string
    recommended: true
  protocol_name:
    name: protocol_name
    description: 'The supported protocol for the SSO resource. E.g., <code>SAML</code> or <code>OIDC</code>.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Protocol Name
    rank: 1000
    alias: protocol_name
    owner: Sso
    domain_of:
    - PortInfo
    - Scim
    - Sso
    - Idp
    - NetworkConnectionInfo
    - EmailActivity
    - TunnelActivity
    - AirborneBroadcastActivity
    - DroneFlightsActivity
    range: string
  scopes:
    name: scopes
    description: 'Scopes define the specific permissions or actions that the client is allowed to perform on behalf of the user. Each scope represents a different set of permissions, and the user can selectively grant or deny access to specific scopes during the authorization process.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Scopes
    rank: 1000
    alias: scopes
    owner: Sso
    domain_of:
    - Sso
    range: string
    multivalued: true
  uid:
    name: uid
    description: A unique identifier for a SSO resource.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Unique ID
    rank: 1000
    alias: uid
    owner: Sso
    domain_of:
    - Osint
    - Package
    - ProgrammaticCredential
    - RelatedEvent
    - Request
    - Sbom
    - Scim
    - Script
    - Session
    - Span
    - Sso
    - Ticket
    - Token
    - Trace
    - Entity
    - Resource
    - Account
    - Advisory
    - Agent
    - AiModel
    - Aircraft
    - Analytic
    - ApplicationObject
    - Assessment
    - Certificate
    - Check
    - ClassifierDetails
    - Container
    - Cve
    - Cwe
    - D3fTactic
    - D3fTechnique
    - DataClassification
    - Database
    - Databucket
    - DomainContact
    - Edge
    - Email
    - Endpoint
    - Evidences
    - Extension
    - Feature
    - File
    - FindingObject
    - FindingInfo
    - Graph
    - Group
    - HttpRequest
    - Idp
    - Image
    - KbArticle
    - LoadBalancer
    - Logger
    - Malware
    - ManagedEntity
    - MessageContext
    - Metadata
    - Mitigation
    - NetworkConnectionInfo
    - NetworkEndpoint
    - NetworkInterface
    - Node
    - Organization
    - PeripheralDevice
    - Policy
    - ProcessEntity
    - Product
    - QueryInfo
    - Reporter
    - Rule
    - Scan
    - Service
    - SubTechnique
    - Table
    - Tactic
    - Technique
    - Trait
    - TransformationInfo
    - UnmannedAerialSystem
    - User
    - WebResource
    - Device
    - WinResource
    range: string
    recommended: true
  vendor_name:
    name: vendor_name
    description: 'Name of the vendor or service provider implementing SSO. E.g., <code>Okta</code>, <code>Auth0</code>, <code>Microsoft</code>.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Vendor Name
    rank: 1000
    alias: vendor_name
    owner: Sso
    domain_of:
    - Osint
    - Package
    - Scim
    - Sso
    - Vulnerability
    - Agent
    - Cvss
    - DeviceHwInfo
    - GpuInfo
    - PeripheralDevice
    - Product
    - Device
    range: string