---
title: CommonFederationConfiguration
description: Resource path:
component: pingam
version: 8.1
page_id: pingam:entity-reference:sec-amster-entity-commonfederationconfiguration
canonical_url: https://docs.pingidentity.com/pingam/8.1/entity-reference/sec-amster-entity-commonfederationconfiguration.html
section_ids:
sec-amster-entity-commonfederationconfiguration-global-ops: Global Operations
sec-amster-entity-commonfederationconfiguration-global-ops-getalltypes: getAllTypes
sec-amster-entity-commonfederationconfiguration-global-ops-getcreatabletypes: getCreatableTypes
sec-amster-entity-commonfederationconfiguration-global-ops-nextdescendents: nextdescendents
sec-amster-entity-commonfederationconfiguration-global-ops-read: read
sec-amster-entity-commonfederationconfiguration-global-ops-update: update
---
# CommonFederationConfiguration
## Global Operations
Resource path:
```
/global-config/services/federation/common
```
Resource version: `1.0`
### getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
**Usage**
```
am> action CommonFederationConfiguration --global --actionName getAllTypes
```
### getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
**Usage**
```
am> action CommonFederationConfiguration --global --actionName getCreatableTypes
```
### nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
**Usage**
```
am> action CommonFederationConfiguration --global --actionName nextdescendents
```
### read
**Usage**
```
am> read CommonFederationConfiguration --global
```
### update
**Usage**
```
am> update CommonFederationConfiguration --global --body body
```
**Parameters**
* *\--body*
The resource in JSON format, described by the following JSON schema:
```json
{
"type" : "object",
"properties" : {
"implementationClasses" : {
"type" : "object",
"title" : "Implementation Classes",
"propertyOrder" : 1,
"properties" : {
"keyProviderClass" : {
"title" : "KeyProvider SPI implementation class",
"description" : "The Federation system uses this class to provide access to the underlying Java keystore.
The default implementation uses the Java Cryptographic Engine to provide access to the Java keystore. A custom implementation must implement the com.sun.identity.saml.xmlsig.KeyProvider interface.",
"propertyOrder" : 800,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"datastoreClass" : {
"title" : "Datastore SPI implementation class",
"description" : "The Federation system uses this class to get/set user profile attributes.
The default implementation uses the Identity repository APIs to access user profile attributes. A custom implementation must implement the com.sun.identity.plugin.datastore.DataStoreProvider interface.",
"propertyOrder" : 100,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"configurationClass" : {
"title" : "ConfigurationInstance SPI implementation class",
"description" : "The Federation system uses this class to fetch service configuration.
The default implementation uses the SMS APIs to access service configuration. A custom implementation must implement the com.sun.identity.plugin.configuration.ConfigurationInstance interface.",
"propertyOrder" : 200,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"passwordDecoderClass" : {
"title" : "PasswordDecoder SPI implementation class",
"description" : "The Federation system uses this class to decode password encoded by OpenAM.
The default implementation uses the internal OpenAM decryption API to decode passwords. A custom implementation must implement the com.sun.identity.saml.xmlsig.PasswordDecoder interface.",
"propertyOrder" : 600,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"sessionProviderClass" : {
"title" : "SessionProvider SPI implementation class",
"description" : "The Federation system uses this class to interface with the session service.
The default implementation uses the standard authentication and SSO APIs to access the session service. A custom implementation must implement the com.sun.identity.plugin.session.SessionProvider interface.",
"propertyOrder" : 400,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"rootUrlProviderClass" : {
"title" : "Root URL provider SPI implementation class",
"description" : "The Federation system uses this class to get the root URL of the AM deployment.
The default implementation uses the Root URL APIs to access the OpenAM instance root url. A custom implementation must implement the org.forgerock.openam.federation.plugin.rooturl.RootUrlProvider interface.",
"propertyOrder" : 105,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"signatureProviderClass" : {
"title" : "SignatureProvider SPI implementation class",
"description" : "The Federation system uses this class to digitally sign SAML documents.
The default implementation uses the XERCES APIs to sign the documents. A custom implementation must implement the com.sun.identity.saml.xmlsig.SignatureProvider interface.",
"propertyOrder" : 700,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"loggerClass" : {
"title" : "Logger SPI implementation class",
"description" : "The Federation system uses this class to record log entries.
The default implementation uses the Logging APIs to record log entries. A custom implementation must implement the com.sun.identity.plugin.log.Logger interface.",
"propertyOrder" : 300,
"required" : true,
"type" : "string",
"exampleValue" : ""
}
}
},
"generalConfig" : {
"type" : "object",
"title" : "General Configuration",
"propertyOrder" : 0,
"properties" : {
"samlErrorPageUrl" : {
"title" : "SAML Error Page URL",
"description" : "OpenAM redirects users here when an error occurs in the SAML2 engine.
Both relative and absolute URLs are supported. Users are redirected to an absolute URL using the configured HTTP Binding whereas relative URLs are displayed within the request.",
"propertyOrder" : 1700,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"maxContentLength" : {
"title" : "Maximum allowed content length",
"description" : "The maximum content length allowed in federation communications, in bytes.",
"propertyOrder" : 500,
"required" : true,
"type" : "integer",
"exampleValue" : ""
},
"certificateChecking" : {
"title" : "Check presence of certificates",
"description" : "Enable checking of certificates against local copy
Whether to verify that the partner's signing certificate included in the Federation XML document is the same as the one stored in the said partner's meta data.",
"propertyOrder" : 900,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"samlErrorPageHttpBinding" : {
"title" : "SAML Error Page HTTP Binding",
"description" : "The possible values are HTTP-Redirect or HTTP-POST.",
"propertyOrder" : 1800,
"required" : true,
"type" : "string",
"exampleValue" : ""
}
}
},
"algorithms" : {
"type" : "object",
"title" : "Algorithms",
"propertyOrder" : 2,
"properties" : {
"maskGenerationFunction" : {
"title" : "Mask Generation Function Algorithm",
"description" : "Which MGF algorithm to use when encrypting the symmetric encryption key using RSA OAEP algorithm.",
"propertyOrder" : 1650,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"signatureAlgorithm" : {
"title" : "XML signature algorithm",
"description" : "The algorithm used to sign XML documents.",
"propertyOrder" : 1100,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"DigestAlgorithm" : {
"title" : "XML digest algorithm",
"description" : "The default digest algorithm to use in signing XML.",
"propertyOrder" : 1200,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"QuerySignatureAlgorithmEC" : {
"title" : "Query String signature algorithm (EC)",
"description" : "The default signature algorithm to use in case of EC keys.",
"propertyOrder" : 1500,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"transformationAlgorithm" : {
"title" : "XML transformation algorithm",
"description" : "The algorithm used to transform XML documents.",
"propertyOrder" : 1600,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"QuerySignatureAlgorithmRSA" : {
"title" : "Query String signature algorithm (RSA)",
"description" : "The default signature algorithm to use in case of RSA keys.",
"propertyOrder" : 1300,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"aesKeyWrapAlgorithm" : {
"title" : "AES Key Wrap Algorithm",
"description" : "Which AES key wrap algorithm to use when the remote entity provider does not specify which key wrap algorithm it supports.",
"propertyOrder" : 1700,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"rsaKeyTransportAlgorithm" : {
"title" : "RSA Key Transport Algorithm",
"description" : "",
"propertyOrder" : 1750,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"canonicalizationAlgorithm" : {
"title" : "XML canonicalization algorithm",
"description" : "The algorithm used to canonicalize XML documents.",
"propertyOrder" : 1000,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"QuerySignatureAlgorithmDSA" : {
"title" : "Query String signature algorithm (DSA)",
"description" : "The default signature algorithm to use in case of DSA keys.",
"propertyOrder" : 1400,
"required" : true,
"type" : "string",
"exampleValue" : ""
}
}
},
"montoring" : {
"type" : "object",
"title" : "Monitoring",
"propertyOrder" : 3,
"properties" : {
"monitoringAgentClass" : {
"title" : "Monitoring Agent Provider Class",
"description" : "The Federation system uses this class to gain access to the monitoring system.
The default implementation uses the built-in OpenAM monitoring system. A custom implementation must implement the com.sun.identity.plugin.monitoring.FedMonAgent interface.",
"propertyOrder" : 1900,
"required" : true,
"type" : "string",
"exampleValue" : ""
},
"monitoringSaml2Class" : {
"title" : "Monitoring Provider Class for SAML2",
"description" : "The SAML2 engine uses this class to gain access to the monitoring system.
The default implementation uses the built-in OpenAM monitoring system. A custom implementation must implement the com.sun.identity.plugin.monitoring.FedMonSAML2Svc interface.",
"propertyOrder" : 2100,
"required" : true,
"type" : "string",
"exampleValue" : ""
}
}
}
}
}
```