SAML Service Provider metrics

Metrics supported in the SAML Service Provider

Counter for delegation requests

Table 1. fourjs_saml_request_count
Labels Value Purpose
  1. request: The request label may be one of the following values shown in the table.
    Value Description
    delegate Request for login or logout
    auto_logout Request for relogin when auto logout set via GAS
    process_callback Request for log in
  2. operation: The operation label may be one of the following values shown in the table below.
    Value Description
    login Request for login
    logout Request for logout
    prompt Relogin request when set via GAS PROMPT configuration
  3. url: URL of the application requesting OpenID Connect login/logout workflow
  4. status: The status label may be one of the following values shown in the table below.
    Value Description
    ok Request successfully processed
    error Unexpected error — invalid protocol. Check logs for details.
    denied Access to the application denied — insufficient permissions.
Number of delegation request attempts
  • Count number of logged users
  • Count number of logged out users
  • May raise an alert if there are too many errors or denied requests.

This metric is set by default in the GAS and can be disabled through the BDL Prometheus API by setting prometheus.enabled=false in the fglprofile.

Metric examples
# HELP fourjs_saml_request_count Number of requests processed by the SAML service provider
# TYPE fourjs_saml_request_count counter
fourjs_saml_request_count{request="process_callback",operation="login",url="/ua/r/admin/ConsoleApp",status="denied"} 1
fourjs_saml_request_count{request="process_callback",operation="login",url="/ua/r/CalculatorClient",status="ok"} 4
fourjs_saml_request_count{request="delegate",operation="logout",status="ok"} 1
fourjs_saml_request_count{request="delegate",operation="login",status="ok"} 6
fourjs_saml_request_count{request="auto_logout",operation="prompt",status="ok"} 2