+ Start a Discussion

SSO and user creation

I'm really new to the api and i've been trying my best to go through it to get a better understanding of it. But there's nothing like the opinion of seasoned salesforce developers...so here goes.
Is there any way to access the SSO settings for an organization through the web services api? Whenever an organization wants enable Saml-based SSO, the administrator has to go to the SSO settings and set the fields like who the issuer is going to be, whether a username or federation id will be in the SAML assertion, and also upload a certificate. I want to eliminate this for the administrator if possible through any capabilities in the api. I've been through some of the api and I don't really see any standard objects that help with this. Does this mean I have to create a custom object myself?
This next part is more of a verification than an actual question. I want to have the ability to click on a link in an external application, which would result in the creation of salesforce user automatically using the whatever email that is associated with that user in the external app. This looks possible with the api through the use of calls like create() to make a new User object. Am I on the right track here? Are there any tutorials out there that can maybe help with this part of what i'm trying to do?
Thanks in advance.
The Federation Single-Sign-On(SAML) settings can't be configured with API in the current release since there are some additional validations, such as public cert and attribute name  need to be done in the interactive mode.  That's what the UI for.  But I won't rule out the possibility of supporting it in the future.