Documentation

1 Manual structure
2 What is Zabbix
3 Zabbix features
4 Zabbix overview
5 What's new in Zabbix 6.4.0
6 What's new in Zabbix 6.4.1
7 What's new in Zabbix 6.4.2
8 What's new in Zabbix 6.4.3
9 What's new in Zabbix 6.4.4
10 What's new in Zabbix 6.4.5
11 What's new in Zabbix 6.4.6
12 What's new in Zabbix 6.4.7
13 What's new in Zabbix 6.4.8
14 What's new in Zabbix 6.4.9
15 What's new in Zabbix 6.4.10
16 What's new in Zabbix 6.4.11
17 What's new in Zabbix 6.4.12
18 What's new in Zabbix 6.4.13
19 What's new in Zabbix 6.4.14
20 What's new in Zabbix 6.4.15
21 What's new in Zabbix 6.4.16
22 What's new in Zabbix 6.4.17
23 What's new in Zabbix 6.4.18
24 What's new in Zabbix 6.4.19
25 What's new in Zabbix 6.4.20
2 Definitions
1 High availability
2 Agent
3 Agent 2
4 Proxy
1 Setup from sources
2 Setup from RHEL packages
3 Setup from Debian/Ubuntu packages
6 Sender
7 Get
8 JS
9 Web service
1 Getting Zabbix
1 PostgreSQL plugin dependencies
2 MongoDB plugin dependencies
2 Best practices for secure Zabbix setup
1 Building Zabbix agent on Windows
2 Building Zabbix agent 2 on Windows
3 Building Zabbix agent on macOS
1 Red Hat Enterprise Linux
2 Debian/Ubuntu/Raspbian
3 SUSE Linux Enterprise Server
4 Windows agent installation from MSI
5 Mac OS agent installation from PKG
6 Unstable releases
5 Installation from containers
6 Web interface installation
1 Upgrade from sources
1 Red Hat Enterprise Linux
2 Debian/Ubuntu
3 Upgrade from containers
1 Compilation issues
9 Template changes
10 Upgrade notes for 6.4.0
11 Upgrade notes for 6.4.1
12 Upgrade notes for 6.4.2
13 Upgrade notes for 6.4.3
14 Upgrade notes for 6.4.4
15 Upgrade notes for 6.4.5
16 Upgrade notes for 6.4.6
17 Upgrade notes for 6.4.7
18 Upgrade notes for 6.4.8
19 Upgrade notes for 6.4.9
20 Upgrade notes for 6.4.10
21 Upgrade notes for 6.4.11
22 Upgrade notes for 6.4.12
23 Upgrade notes for 6.4.13
24 Upgrade notes for 6.4.14
25 Upgrade notes for 6.4.15
26 Upgrade notes for 6.4.16
27 Upgrade notes for 6.4.17
28 Upgrade notes for 6.4.18
29 Upgrade notes for 6.4.19
1 Login and configuring user
2 New host
3 New item
4 New trigger
5 Receiving problem notification
6 New template
6 Zabbix appliance
1 Configuring a host
2 Inventory
3 Mass update
1 Item key format
2 Custom intervals
1 Usage examples
2 Preprocessing details
1 Escaping special characters from LLD macro values in JSONPath
1 Additional JavaScript objects
5 CSV to JSON preprocessing
1 Zabbix agent 2
2 Windows Zabbix agent
1 Dynamic indexes
2 Special OIDs
3 MIB files
3 SNMP traps
4 IPMI checks
1 VMware monitoring item keys
6 Log file monitoring
1 Aggregate calculations
8 Internal checks
9 SSH checks
10 Telnet checks
11 External checks
12 Trapper items
13 JMX monitoring
1 Recommended UnixODBC settings for MySQL
2 Recommended UnixODBC settings for PostgreSQL
3 Recommended UnixODBC settings for Oracle
4 Recommended UnixODBC settings for MSSQL
15 Dependent items
16 HTTP agent
17 Prometheus checks
18 Script items
4 History and trends
1 Extending Zabbix agents
6 Windows performance counters
7 Mass update
8 Value mapping
9 Queue
10 Value cache
11 Execute now
12 Restricting agent checks
1 Configuring a trigger
2 Trigger expression
3 Trigger dependencies
4 Trigger severity
5 Customizing trigger severities
6 Mass update
7 Predictive trigger functions
1 Trigger event generation
2 Other event sources
3 Manual closing of problems
1 Trigger-based event correlation
2 Global event correlation
6 Tagging
1 Simple graphs
2 Custom graphs
3 Ad-hoc graphs
4 Aggregation in graphs
1 Configuring a network map
2 Host group elements
3 Link indicators
3 Dashboards
4 Host dashboards
1 Configuring a template
2 Linking/unlinking
3 Nesting
4 Mass update
1 Zabbix agent template operation
2 Zabbix agent 2 template operation
3 HTTP template operation
4 IPMI template operation
5 JMX template operation
6 ODBC template operation
7 Standardized templates for network devices
1 Email
2 SMS
3 Custom alert scripts
1 Webhook script examples
1 Conditions
1 Sending message
2 Remote commands
3 Additional operations
4 Using macros in messages
3 Recovery operations
4 Update operations
5 Escalations
3 Receiving notification on unsupported items
1 Macro functions
2 User macros
3 User macros with context
4 Secret user macros
5 Low-level discovery macros
6 Expression macros
1 Configuring a user
2 Permissions
3 User groups
1 CyberArk configuration
2 HashiCorp configuration
14 Scheduled reports
1 Export to files
2 Streaming to external systems
1 Service tree
2 SLA
3 Setup example
1 Web monitoring items
2 Real-life scenario
1 VMware monitoring item keys
2 Virtual machine discovery key fields
3 JSON examples for VMware items
4 VMware monitoring setup example
11 Maintenance
12 Regular expressions
1 Problem suppression
1 Template groups
2 Host groups
3 Templates
4 Hosts
5 Network maps
6 Media types
1 Configuring a network discovery rule
2 Active agent autoregistration
1 Item prototypes
2 Trigger prototypes
3 Graph prototypes
4 Host prototypes
5 Notes on low-level discovery
1 Discovery of mounted filesystems
2 Discovery of network interfaces
3 Discovery of CPUs and CPU cores
4 Discovery of SNMP OIDs
5 Discovery of SNMP OIDs (legacy)
6 Discovery of JMX objects
7 Discovery of IPMI sensors
8 Discovery of systemd services
9 Discovery of Windows services
10 Discovery of Windows performance counter instances
11 Discovery using WMI queries
12 Discovery using ODBC SQL queries
13 Discovery using Prometheus data
14 Discovery of block devices
15 Discovery of host interfaces in Zabbix
1 Synchronization of monitoring configuration
1 Using certificates
2 Using pre-shared keys
1 Connection type or permission problems
2 Certificate problems
3 PSK problems
1 Event menu
2 Host menu
3 Item menu
1 Action log
2 Clock
3 Data overview
4 Discovery status
5 Favorite graphs
6 Favorite maps
7 Geomap
8 Graph
9 Graph (classic)
10 Graph prototype
11 Host availability
12 Item value
13 Map
14 Map navigation tree
15 Plain text
16 Problem hosts
17 Problems
18 Problems by severity
19 SLA report
20 System information
21 Top hosts
22 Trigger overview
23 URL
24 Web monitoring
1 Cause and symptom problems
1 Graphs
2 Web scenarios
3 Latest data
4 Maps
5 Discovery
1 Services
2 SLA
3 SLA report
1 Overview
2 Hosts
1 System information
2 Scheduled reports
3 Availability report
4 Triggers top 100
5 Audit log
6 Action log
7 Notifications
1 Template groups
2 Host groups
1 Items
2 Triggers
3 Graphs
1 Item prototypes
2 Trigger prototypes
3 Graph prototypes
4 Host prototypes
5 Web scenarios
1 Items
2 Triggers
3 Graphs
1 Item prototypes
2 Trigger prototypes
3 Graph prototypes
4 Host prototypes
5 Web scenarios
5 Maintenance
6 Event correlation
7 Discovery
1 Actions
2 Media types
3 Scripts
1 User groups
2 User roles
3 Users
4 API tokens
1 HTTP
2 LDAP
3 SAML
1 General
2 Audit log
3 Housekeeping
4 Proxies
5 Macros
6 Queue
1 Global notifications
2 Sound in browsers
4 Global search
5 Frontend maintenance mode
6 Page parameters
7 Definitions
8 Creating your own theme
9 Debug mode
10 Cookies used by Zabbix
11 Time zones
12 Resetting password
> Action object
action.create
action.delete
action.get
action.update
> Alert object
alert.get
apiinfo.version
> Audit log object
auditlog.get
> Authentication object
authentication.get
authentication.update
> Autoregistration object
autoregistration.get
autoregistration.update
configuration.export
configuration.import
configuration.importcompare
> Connector object
connector.create
connector.delete
connector.get
connector.update
> Correlation object
correlation.create
correlation.delete
correlation.get
correlation.update
> Dashboard object
1 Action log
2 Clock
3 Data overview
4 Discovery status
5 Favorite graphs
6 Favorite maps
7 Geomap
8 Graph
9 Graph (classic)
10 Graph prototype
11 Host availability
12 Item value
13 Map
14 Map navigation tree
15 Plain text
16 Problem hosts
17 Problems
18 Problems by severity
19 SLA report
20 System information
21 Top hosts
22 Trigger overview
23 URL
24 Web monitoring
dashboard.create
dashboard.delete
dashboard.get
dashboard.update
> Discovered host object
dhost.get
> Discovered service object
dservice.get
> Discovery check object
dcheck.get
> Discovery rule object
drule.create
drule.delete
drule.get
drule.update
> Event object
event.acknowledge
event.get
> Graph object
graph.create
graph.delete
graph.get
graph.update
> Graph item object
graphitem.get
> Graph prototype object
graphprototype.create
graphprototype.delete
graphprototype.get
graphprototype.update
> High availability node object
hanode.get
> History object
history.clear
history.get
> Host object
host.create
host.delete
host.get
host.massadd
host.massremove
host.massupdate
host.update
> Host group object
hostgroup.create
hostgroup.delete
hostgroup.get
hostgroup.massadd
hostgroup.massremove
hostgroup.massupdate
hostgroup.propagate
hostgroup.update
> Host interface object
hostinterface.create
hostinterface.delete
hostinterface.get
hostinterface.massadd
hostinterface.massremove
hostinterface.replacehostinterfaces
hostinterface.update
> Host prototype object
hostprototype.create
hostprototype.delete
hostprototype.get
hostprototype.update
> Housekeeping object
housekeeping.get
housekeeping.update
> Icon map object
iconmap.create
iconmap.delete
iconmap.get
iconmap.update
> Image object
image.create
image.delete
image.get
image.update
> Item object
item.create
item.delete
item.get
item.update
> Item prototype object
itemprototype.create
itemprototype.delete
itemprototype.get
itemprototype.update
> LLD rule object
discoveryrule.copy
discoveryrule.create
discoveryrule.delete
discoveryrule.get
discoveryrule.update
> Maintenance object
maintenance.create
maintenance.delete
maintenance.get
maintenance.update
> Map object
map.create
map.delete
map.get
map.update
> Media type object
mediatype.create
mediatype.delete
mediatype.get
mediatype.update
> Module object
module.create
module.delete
module.get
module.update
> Problem object
problem.get
> Proxy object
proxy.create
proxy.delete
proxy.get
proxy.update
> Regular expression object
regexp.create
regexp.delete
regexp.get
regexp.update
> Report object
report.create
report.delete
report.get
report.update
> Role object
role.create
role.delete
role.get
role.update
> Script object
script.create
script.delete
script.execute
script.get
script.getscriptsbyevents
script.getscriptsbyhosts
script.update
> Service object
service.create
service.delete
service.get
service.update
> Settings object
settings.get
settings.update
> SLA object
sla.create
sla.delete
sla.get
sla.getsli
sla.update
> Task object
task.create
task.get
> Template object
template.create
template.delete
template.get
template.massadd
template.massremove
template.massupdate
template.update
> Template dashboard object
templatedashboard.create
templatedashboard.delete
templatedashboard.get
templatedashboard.update
> Template group object
templategroup.create
templategroup.delete
templategroup.get
templategroup.massadd
templategroup.massremove
templategroup.massupdate
templategroup.propagate
templategroup.update
> Token object
token.create
token.delete
token.generate
token.get
token.update
> Trend object
trend.get
> Trigger object
trigger.create
trigger.delete
trigger.get
trigger.update
> Trigger prototype object
triggerprototype.create
triggerprototype.delete
triggerprototype.get
triggerprototype.update
> User object
user.checkAuthentication
user.create
user.delete
user.get
user.login
user.logout
user.provision
user.unblock
user.update
> User directory object
userdirectory.create
userdirectory.delete
userdirectory.get
userdirectory.test
userdirectory.update
> User group object
usergroup.create
usergroup.delete
usergroup.get
usergroup.update
> User macro object
usermacro.create
usermacro.createglobal
usermacro.delete
usermacro.deleteglobal
usermacro.get
usermacro.update
usermacro.updateglobal
> Value map object
valuemap.create
valuemap.delete
valuemap.get
valuemap.update
> Web scenario object
httptest.create
httptest.delete
httptest.get
httptest.update
Appendix 1. Reference commentary
Appendix 2. Changes from 6.2 to 6.4
Zabbix API changes in 6.4
1 Loadable modules
1 Building loadable plugins
3 Frontend modules
1 Database creation
2 Repairing Zabbix database character set and collation
3 Database upgrade to primary keys
1 MySQL encryption configuration
2 PostgreSQL encryption configuration
5 TimescaleDB setup
6 Elasticsearch setup
7 Distribution-specific notes on setting up Nginx for Zabbix
8 Running agent as root
9 Zabbix agent on Microsoft Windows
10 SAML setup with Microsoft Entra ID
11 SAML setup with Okta
12 SAML setup with OneLogin
13 Oracle database setup
14 Setting up scheduled reports
15 Upgrading to numeric values of extended range
16 Additional frontend languages
1 Zabbix server
2 Zabbix proxy
3 Zabbix agent (UNIX)
4 Zabbix agent 2 (UNIX)
5 Zabbix agent (Windows)
6 Zabbix agent 2 (Windows)
1 Ceph plugin
2 Docker plugin
3 Memcached plugin
4 Modbus plugin
5 MongoDB plugin
6 MQTT plugin
7 MSSQL plugin
8 MySQL plugin
9 Oracle plugin
10 PostgreSQL plugin
11 Redis plugin
12 Smart plugin
8 Zabbix Java gateway
9 Zabbix web service
10 Inclusion
1 Server-proxy data exchange protocol
2 Zabbix agent protocol
3 Zabbix agent 2 protocol
4 Zabbix agent 2 plugin protocol
5 Zabbix sender protocol
6 Header
7 Newline-delimited JSON export protocol
1 vm.memory.size parameters
2 Passive and active agent checks
3 Trapper items
4 Minimum permission level for Windows agent items
5 Encoding of returned values
6 Large file support
7 Sensor
8 Notes on memtype parameter in proc.mem items
9 Notes on selecting processes in proc.mem and proc.num items
10 Implementation details of net.tcp.service and net.udp.service checks
11 proc.get parameters
12 Unreachable/unavailable host interface settings
13 Remote monitoring of Zabbix stats
14 Configuring Kerberos with Zabbix
15 modbus.get parameters
16 Creating custom performance counter names for VMware
17 Return values
1 Foreach functions
2 Bitwise functions
3 Date and time functions
4 History functions
5 Trend functions
6 Mathematical functions
7 Operator functions
8 Prediction functions
9 String functions
1 Supported macros
2 User macros supported by location
7 Unit symbols
8 Time period syntax
9 Command execution
10 Version compatibility
11 Database error handling
12 Zabbix sender dynamic link library for Windows
13 Python library for Zabbix API
14 Service monitoring upgrade
15 Other issues
16 Agent vs agent 2 comparison
17 Escaping examples
1 Monitor Linux with Zabbix agent
2 Monitor Windows with Zabbix agent
3 Monitor Apache via HTTP
4 Monitor MySQL with Zabbix agent 2
5 Monitor VMware with Zabbix
manifest.json
Actions
Views
Assets
Register a new module
Configuration
Presentation
Create a module (tutorial)
Create a widget (tutorial)
Examples
Examples
Create a plugin (tutorial)
Plugin interfaces
zabbix_agent2
zabbix_agentd
zabbix_get
zabbix_js
zabbix_proxy
zabbix_sender
zabbix_server
zabbix_web_service

> User directory object

The following objects are directly related to the userdirectory API.

User directory

The user directory object has the following properties.

Property Type Description
userdirectoryid string ID of the user directory.

If a user directory is deleted, the value of the User object property userdirectoryid is set to "0" for all users that are linked to the deleted user directory.

Property behavior:
- read-only
- required for update operations
idp_type integer Type of the authentication protocol used by the identity provider for the user directory.
Note that only one user directory of type SAML can exist.

Possible values:
1 - User directory of type LDAP;
2 - User directory of type SAML.

Property behavior:
- required for create operations
group_name string LDAP/SAML user directory attribute that contains the group name used to map groups between the LDAP/SAML user directory and Zabbix.

Example: cn

Property behavior:
- required if provision_status is set to "Enabled" and saml_jit_status of Authentication object is set to "Enabled for configured SAML IdPs"
user_username string LDAP/SAML user directory attribute (also SCIM attribute if scim_status is set to "SCIM provisioning is enabled") that contains the user's name which is used as the value for the User object property name when the user is provisioned.

Examples: cn, commonName, displayName, name
user_lastname string LDAP/SAML user directory attribute (also SCIM attribute if scim_status is set to "SCIM provisioning is enabled") that contains the user's last name which is used as the value for the User object property surname when the user is provisioned.

Examples: sn, surname, lastName
provision_status integer Provisioning status of the user directory.

Possible values:
0 - (default) Disabled (provisioning of users created by this user directory is disabled);
1 - Enabled (provisioning of users created by this user directory is enabled; additionally, the status of LDAP or SAML provisioning (ldap_jit_status or saml_jit_status of Authentication object) must be enabled).
provision_groups array Array of provisioning groups mappings objects for mapping LDAP/SAML user group pattern to Zabbix user group and user role.

Property behavior:
- required if provision_status is set to "Enabled"
provision_media array Array of media type mappings objects for mapping user's LDAP/SAML media attributes (e.g., email) to Zabbix user media for sending notifications.
LDAP-specific properties:
name string Unique name of the user directory.

Property behavior:
- required if idp_type is set to "User directory of type LDAP"
host string Host name, IP or URI of the LDAP server.
URI must contain schema (ldap:// or ldaps://), host, and port (optional).

Examples:
host.example.com
127.0.0.1
ldap://ldap.example.com:389

Property behavior:
- required if idp_type is set to "User directory of type LDAP"
port integer Port of the LDAP server.

Property behavior:
- required if idp_type is set to "User directory of type LDAP"
base_dn string LDAP user directory base path to user accounts.

Examples:
ou=Users,dc=example,dc=org
ou=Users,ou=system (for OpenLDAP)
DC=company,DC=com (for Microsoft Active Directory)
uid=%{user},dc=example,dc=com (for direct user binding; placeholder "%{user}" is mandatory)

Property behavior:
- required if idp_type is set to "User directory of type LDAP"
search_attribute string LDAP user directory attribute by which to identify the user account from the information provided in the login request.

Examples:
uid (for OpenLDAP)
sAMAccountName (for Microsoft Active Directory)

Property behavior:
- required if idp_type is set to "User directory of type LDAP"
bind_dn string LDAP server account for binding and searching over the LDAP server.

For direct user binding and anonymous binding, bind_dn must be empty.

Examples:
uid=ldap_search,ou=system (for OpenLDAP)
CN=ldap_search,OU=user_group,DC=company,DC=com (for Microsoft Active Directory)
CN=Admin,OU=Users,OU=Zabbix,DC=zbx,DC=local

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
bind_password string LDAP password of the account for binding and searching over the LDAP server.

For direct user binding and anonymous binding, bind_password must be empty.

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
description string Description of the user directory.

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
group_basedn string LDAP user directory base path to groups; used to configure a user membership check in the LDAP user directory.

Ignored when provisioning a user if group_membership is set.

Example: ou=Groups,dc=example,dc=com

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
group_filter string Filter string for retrieving LDAP user directory groups that the user is a member of; used to configure a user membership check in the LDAP user directory.

Ignored when provisioning a user if group_membership is set.

Supported group_filter placeholders:
%{attr} - search attribute (replaced by the search_attribute property value);
%{groupattr} - group attribute (replaced by the group_member property value);
%{host} - host name, IP or URI of the LDAP server (replaced by the host property value);
%{user} - Zabbix user username.

Default: (%{groupattr}=%{user})

Examples:
- (member=uid=%{ref},ou=Users,dc=example,dc=com) will match "User1" if an LDAP group object contains the "member" attribute with the value "uid=User1,ou=Users,dc=example,dc=com", and will return the group that "User1" is a member of;
- (%{groupattr}=cn=%{ref},ou=Users,ou=Zabbix,DC=example,DC=com) will match "User1" if an LDAP group object contains the attribute specified in the group_member property with the value "cn=User1,ou=Users,ou=Zabbix,DC=example,DC=com", and will return the group that "User1" is a member of.

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
group_member string LDAP user directory attribute that contains information about the group members; used to configure a user membership check in the LDAP user directory.

Ignored when provisioning a user if group_membership is set.

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
group_membership string LDAP user directory attribute that contains information about the groups that a user belongs to.

Example: memberOf

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
search_filter string Custom filter string used to locate and authenticate a user in an LDAP user directory based on the information provided in the login request.

Supported search_filter placeholders:
%{attr} - search attribute name (e.g., uid, sAMAccountName);
%{user} - Zabbix user username.

Default: (%{attr}=%{user})

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
start_tls integer LDAP server configuration option that allows the communication with the LDAP server to be secured using Transport Layer Security (TLS).

Note that start_tls must be set to "Disabled" for hosts using the ldaps:// protocol.

Possible values:
0 - (default) Disabled;
1 - Enabled.

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
user_ref_attr string LDAP user directory attribute used to reference a user object. The value of user_ref_attr is used to get values from the specified attribute in the user directory and place them instead of the %{ref} placeholder in the group_filter string.

Examples: cn, uid, member, uniqueMember

Property behavior:
- supported if idp_type is set to "User directory of type LDAP"
SAML-specific properties:
idp_entityid string URI that identifies the identity provider and is used to communicate with the identity provider in SAML messages.

Example: https://idp.example.com/idp

Property behavior:
- required if idp_type is set to "User directory of type SAML"
sp_entityid string URL or any string that identifies the identity provider's service provider.

Examples:
https://idp.example.com/sp
zabbix

Property behavior:
- required if idp_type is set to "User directory of type SAML"
username_attribute string SAML user directory attribute (also SCIM attribute if scim_status is set to "SCIM provisioning is enabled") that contains the user's username which is compared with the value of the User object property username when authenticating.

Examples: uid, userprincipalname, samaccountname, username, userusername, urn:oid:0.9.2342.19200300.100.1.1, urn:oid:1.3.6.1.4.1.5923.1.1.1.13, urn:oid:0.9.2342.19200300.100.1.44

Property behavior:
- required if idp_type is set to "User directory of type SAML"
sso_url string URL of the identity provider's SAML single sign-on service, to which Zabbix will send the SAML authentication requests.

Example: http://idp.example.com/idp/sso/saml

Property behavior:
- required if idp_type is set to "User directory of type SAML"
slo_url string URL of the identity provider's SAML single log-out service, to which Zabbix will send the SAML logout requests.

Example: https://idp.example.com/idp/slo/saml

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
encrypt_nameid integer Whether the SAML name ID should be encrypted.

Possible values:
0 - (default) Do not encrypt name ID;
1 - Encrypt name ID.

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
encrypt_assertions integer Whether the SAML assertions should be encrypted.

Possible values:
0 - (default) Do not encrypt assertions;
1 - Encrypt assertions.

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
nameid_format string Name ID format of the SAML identity provider's service provider.

Examples:
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos
urn:oasis:names:tc:SAML:2.0:nameid-format:entity

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
scim_status integer Whether SCIM provisioning for SAML is enabled or disabled.

Possible values:
0 - (default) SCIM provisioning is disabled;
1 - SCIM provisioning is enabled.

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
sign_assertions integer Whether the SAML assertions should be signed with a SAML signature.

Possible values:
0 - (default) Do not sign assertions;
1 - Sign assertions.

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
sign_authn_requests integer Whether the SAML AuthN requests should be signed with a SAML signature.

Possible values:
0 - (default) Do not sign AuthN requests;
1 - Sign AuthN requests.

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
sign_messages integer Whether the SAML messages should be signed with a SAML signature.

Possible values:
0 - (default) Do not sign messages;
1 - Sign messages.

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
sign_logout_requests integer Whether the SAML logout requests should be signed with a SAML signature.

Possible values:
0 - (default) Do not sign logout requests;
1 - Sign logout requests.

Property behavior:
- supported if idp_type is set to "User directory of type SAML"
sign_logout_responses integer Whether the SAML logout responses should be signed with a SAML signature.

Possible values:
0 - (default) Do not sign logout responses;
1 - Sign logout responses.

Property behavior:
- supported if idp_type is set to "User directory of type SAML"

Media type mappings

The media type mappings object has the following properties.

Property Type Description
name string Visible name in the list of media type mappings.

Property behavior:
- required
mediatypeid string ID of the media type to be created; used as the value for the Media object property mediatypeid.

Property behavior:
- required
attribute string LDAP/SAML user directory attribute (also SCIM attribute if scim_status is set to "SCIM provisioning is enabled") that contains the user's media (e.g., [email protected]) which is used as the value for the Media object property sendto.

If present in data received from the LDAP/SAML identity provider, and the value is not empty, this will trigger media creation for the provisioned user.

Property behavior:
- required

Provisioning groups mappings

The provisioning groups mappings has the following properties.

Property Type Description
name string Full name of a group (e.g., Zabbix administrators) in LDAP/SAML user directory (also SCIM if scim_status is set to "SCIM provisioning is enabled").
Supports the wildcard character "*".
Unique across all provisioning groups mappings.

Property behavior:
- required
roleid string ID of the user role to assign to the user.

If multiple provisioning groups mappings are matched, the role of the highest user type (User, Admin, or Super admin) is assigned to the user. If there are multiple roles with the same user type, the first role (sorted in alphabetical order) is assigned to the user.

Property behavior:
- required
user_groups array Array of Zabbix user group ID objects. Each object has the following properties:
usrgrpid - (integer) ID of Zabbix user group to assign to the user.

If multiple provisioning groups mappings are matched, Zabbix user groups of all matched mappings is assigned to the user.

Property behavior:
- required
© 2001-2024 by Zabbix SIA. All rights reserved.
Except where otherwise noted, Zabbix Documentation is licensed under the following license
Trademark Policy