Skip to main content

Identity Providers

API docs by Redocly

Identity Provider Management API (v1)

Download OpenAPI specification:Download

This document specifies an Identity Provider Management RESTful API for WSO2 Identity Server. The APIs provide the capability to add/update/delete/patch identity providers. In addition, APIs are available to retrieve metadata about federated authenticators and outbound provisioning connectors that can be configured for any given identity provider.

Identity Providers

List identity providers

This API provides the capability to retrieve the list of identity providers.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
query Parameters
limit
integer <int32>

Maximum number of records to return.

offset
integer <int32>

Number of records to skip for pagination.

filter
string

Condition to filter the retrieval of records. Supports 'sw', 'co', 'ew' and 'eq' operations and also complex queries with 'and' operations. E.g. /identity-providers?filter=name+sw+"google"+and+isEnabled+eq+"true"

sortOrder
string
Enum: "ASC" "DESC"

Defines the order in which the retrieved records should be sorted. This parameter is not supported yet

sortBy
string

Attribute by which the retrieved records should be sorted. This parameter is not supported yet

requiredAttributes
string

Specifies the required parameters in the response. This parameter is not supported yet

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "totalResults": 10,
  • "startIndex": 1,
  • "count": 10,
  • "links": [
    ],
  • "identityProviders": [
    ]
}

Add a new identity provider

This API provides the capability to create a new identity provider.
Scope(Permission) required: internal_idp_create

Authorizations:
OAuth2BasicAuth
Request Body schema:
required

This represents the identity provider to be created.

name
required
string
description
string
image
string
isPrimary
boolean
Default: false
isFederationHub
boolean
Default: false
homeRealmIdentifier
string
object (Certificate)
alias
string
object (Claims)
object (Roles)
object (FederatedAuthenticatorRequest)
object (ProvisioningRequest)

Responses

Request samples

Content type
{
  • "name": "google",
  • "description": "IdP for Google Federation",
  • "image": "google-logo-url",
  • "isPrimary": false,
  • "isFederationHub": false,
  • "homeRealmIdentifier": "localhost",
  • "certificate": {},
  • "alias": "https://localhost:9444/oauth2/token",
  • "claims": {},
  • "roles": {
    },
  • "federatedAuthenticators": {
    },
  • "provisioning": {
    }
}

Response samples

Content type
{
  • "id": "123e4567-e89b-12d3-a456-556642440000",
  • "name": "google",
  • "description": "string",
  • "isEnabled": true,
  • "isPrimary": false,
  • "image": "google-logo-url",
  • "isFederationHub": false,
  • "homeRealmIdentifier": "localhost",
  • "certificate": {},
  • "alias": "https://localhost:9444/oauth2/token",
  • "claims": {},
  • "roles": {
    },
  • "federatedAuthenticators": {
    },
  • "provisioning": {
    }
}

Retrieve identity provider by identity provider's ID

This API provides the capability to retrieve the identity provider details by using its ID. Furthermore, by specifying the "Accept : application/xml" header, it provides the ability to export IdP data as XML.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
{
  • "id": "123e4567-e89b-12d3-a456-556642440000",
  • "name": "google",
  • "description": "string",
  • "isEnabled": true,
  • "isPrimary": false,
  • "image": "google-logo-url",
  • "isFederationHub": false,
  • "homeRealmIdentifier": "localhost",
  • "certificate": {},
  • "alias": "https://localhost:9444/oauth2/token",
  • "claims": {},
  • "roles": {
    },
  • "federatedAuthenticators": {
    },
  • "provisioning": {
    }
}

Patch an identity provider property by ID

This API provides the capability to update an identity provider property using a patch request. IdP patch is supported only for key-value pairs.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Request Body schema: application/json
required
Array
operation
required
string
Enum: "ADD" "REMOVE" "REPLACE"

The operation to be performed.

path
required
string

A JSON-Pointer

value
string

The value to be used within the operations.

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "id": "123e4567-e89b-12d3-a456-556642440000",
  • "name": "google",
  • "description": "string",
  • "isEnabled": true,
  • "isPrimary": false,
  • "image": "google-logo-url",
  • "isFederationHub": false,
  • "homeRealmIdentifier": "localhost",
  • "certificate": {},
  • "alias": "https://localhost:9444/oauth2/token",
  • "claims": {},
  • "roles": {
    },
  • "federatedAuthenticators": {
    },
  • "provisioning": {
    }
}

Delete an identity provider by ID

This API provides the capability to delete an identity provider by giving its ID.
Scope(Permission) required: internal_idp_delete

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider

query Parameters
force
boolean
Default: false

Enforces the forceful deletion of an identity provider, federated authenticator or an outbound provisioning connector even though it is referred by a service provider.

Responses

Request samples 

curl -X 'DELETE' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}?force=false' \
-H 'accept: */*' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "code": "AAA-00000",
  • "message": "Some Error Message",
  • "description": "Some Error Description",
  • "traceId": "e0fbcfeb-3617-43c4-8dd0-7b7d38e13047"
}

Export identity provider in XML, YAML, or JSON file formats

This API provides the capability to retrieve the identity provider by ID. The identity provider is retrieved as an XML, YAML, or JSON file. Use LOCAL as the ID to export resident IdP configurations.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

query Parameters
excludeSecrets
boolean
Default: true

Specifies whether to exclude secrets when exporting an identity provider.

header Parameters
Accept
string
Default: application/yaml
Enum: "application/json" "application/xml" "application/yaml" "application/x-yaml" "text/yaml" "text/xml" "text/json"

Content type of the file.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/export?excludeSecrets=true' \
-H 'accept: application/json'

Response samples

Content type
"Sample application configuration in the requested format"

Update identity provider from an exported YAML, XML or JSON file

This API provides the capability to update an existing identity provider from the information provided as a file. Use LOCAL as the ID to update resident IDP configurations.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Request Body schema: multipart/form-data

This represents the application to be updated.

file
string <binary>

file to upload

Responses

Request samples 

curl -X 'PUT' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/import' \
-H 'accept: */*' \
-H 'Content-Type: multipart/form-data' \
-F 'file=@file-name.xml;type=text/xml'

Response samples

Content type
application/json
{
  • "code": "AAA-00000",
  • "message": "Some Error Message",
  • "description": "Some Error Description",
  • "traceId": "e0fbcfeb-3617-43c4-8dd0-7b7d38e13047"
}

Create an IdP from an exported XML, YAML, or JSON file

This API provides the capability to import an identity provider from the information provided as a file.
Scope(Permission) required: internal_idp_create

Authorizations:
OAuth2BasicAuth
Request Body schema: multipart/form-data

This represents the identity provider to be created.

file
string <binary>

file to upload

Responses

Request samples 

curl -X 'POST' \
'https://localhost:9443/api/server/v1/identity-providers/import' \
-H 'accept: */*' \
-H 'Content-Type: multipart/form-data' \
-F 'file=@file-name.xml;type=text/xml'

Response samples

Content type
application/json
{
  • "code": "AAA-00000",
  • "message": "Some Error Message",
  • "description": "Some Error Description",
  • "traceId": "e0fbcfeb-3617-43c4-8dd0-7b7d38e13047"
}

Metadata

Metadata about supported federated authenticators of identity providers

This API provides the list of supported federated authenticators for an identity provider in the identity server.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/meta/federated-authenticators' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
[
  • {
    }
]

Metadata about a supported federated authenticator

This API provides the details of a single supported federated authenticator for an identity provider in the identity server.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
federated-authenticator-id
required
string

ID of a federated authenticator

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/meta/federated-authenticators/{federated-authenticator-id}' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "authenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I",
  • "name": "SAML2Authenticator",
  • "displayName": "SAML2 Web SSO Configuration",
  • "properties": [
    ]
}

Metadata about supported outbound provisioning connectors by identity providers in the identity server

This API provides the list of supported federated authenticators for an IdP in the identity server.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/meta/outbound-provisioning-connectors' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
[
  • {
    }
]

Metadata about supported outbound provisioning connectors

This API provides the details of a single supported outbound provisioning connector for an IdP in the identity server.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
outbound-provisioning-connector-id
required
string

ID of an Outbound Provisioning Connector

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/meta/outbound-provisioning-connectors/{outbound-provisioning-connector-id}' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "connectorId": "U0NJTQ",
  • "name": "SCIM",
  • "displayName": "SCIM Outbound Provisioning Connector",
  • "blockingEnabled": false,
  • "rulesEnabled": false,
  • "properties": [
    ]
}

Federated Authenticators

Federated authenticators of an identity provider

This API provides a list of federated authenticators enabled for a specific identity provider identified by its ID.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/federated-authenticators' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "defaultAuthenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I",
  • "authenticators": [
    ]
}

Update Federated authenticators of an identity provider

This API updates federated authenticators enabled for a specific identity provider identified by its ID.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Request Body schema: application/json
required

This represents the federated authenticators to be updated

defaultAuthenticatorId
required
string

ID of the federated authenticator to be used as the default authenticator for the respective identity provider.

Array of objects (FederatedAuthenticator)

Includes the list of federated authenticators supported by the respective identity provider. This should include the authenticator specified as the defaultAuthenticator.

Responses

Request samples

Content type
application/json
{
  • "defaultAuthenticatorId": "U0FNTDJBdXRoZW50aWNhdG9y",
  • "authenticators": [
    ]
}

Response samples

Content type
application/json
{
  • "defaultAuthenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I",
  • "authenticators": [
    ]
}

Retrieve the federated authenticator config of an identity provider

This API provides the capability to retrieve the federated authenticator information of an identity provider by giving the federated authenticator's ID.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

federated-authenticator-id
required
string

ID of the federated authenticator.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/federated-authenticators/{federated-authenticator-id}' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "authenticatorId": "U0FNTDJBdXRoZW50aWNhdG9y",
  • "name": "SAML2Authenticator",
  • "isEnabled": true,
  • "isDefault": false,
  • "properties": [
    ]
}

Update a federated authenticator of an IdP using authenticator id

This API provides the capability to update an identity provider's federated authenticator config by specifying the authenticator ID.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

federated-authenticator-id
required
string

ID of the federated authenticator.

Request Body schema: application/json
required

This represents the federated authenticator to be updated

isEnabled
boolean
Default: false
isDefault
boolean
Default: false
Array of objects (Property)

Responses

Request samples

Content type
application/json
{
  • "isEnabled": true,
  • "isDefault": false,
  • "properties": [
    ]
}

Response samples

Content type
application/json
{
  • "authenticatorId": "U0FNTDJBdXRoZW50aWNhdG9y",
  • "name": "SAML2Authenticator",
  • "isEnabled": true,
  • "isDefault": false,
  • "properties": [
    ]
}

Provisioning

Provisioning entities of an identity provider

This API provides a list of available provisioning entities for an identity provider. This includes just-in-time provisioning config and outbound provisioning connectors
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/provisioning' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "jit": {
    },
  • "outboundConnectors": {
    }
}

Outbound provisioning connectors of an identity provider

This API provides a list of outbound provisioning connectors enabled for an identity provider.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/provisioning/outbound-connectors' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "defaultConnectorId": "U0NJTQ",
  • "connectors": [
    ]
}

Update outbound provisioning connectors of an identity provider

This API provides updates the list of outbound provisioning connectors enabled for an identity provider.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Request Body schema: application/json
required

This represents the outbound provisioning connectors to be updated

defaultConnectorId
required
string
Array of objects (OutboundConnector)

Responses

Request samples

Content type
application/json
{
  • "defaultConnectorId": "U0NJTQ",
  • "connectors": [
    ]
}

Response samples

Content type
application/json
{
  • "defaultConnectorId": "U0NJTQ",
  • "connectors": [
    ]
}

Retrieve the outbound provisioning connector of an identity provider

This API provides the capability to retrieve the outbound provisioning connector information of an identity provider by specifying the provisioning connector's ID.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

outbound-provisioning-connector-id
required
string

ID of the outbound provisioning connector.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/provisioning/outbound-connectors/{outbound-provisioning-connector-id}' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "connectorId": "U0NJTQ",
  • "name": "SCIM",
  • "isEnabled": true,
  • "isDefault": false,
  • "blockingEnabled": false,
  • "rulesEnabled": false,
  • "properties": [
    ]
}

Update an outbound provisioning connector of an identity provider

This API provides the capability to update an outbound provisioning connector config of an identity provider by specifying the provisioning connector's ID.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

outbound-provisioning-connector-id
required
string

ID of the outbound provisioning connector.

Request Body schema: application/json
required

This represents the outbound provisioning connector to be updated

isEnabled
boolean
Default: false
isDefault
boolean
Default: false
blockingEnabled
boolean
Default: false
rulesEnabled
boolean
Default: false
Array of objects (Property)

Responses

Request samples

Content type
application/json
{
  • "isEnabled": true,
  • "isDefault": false,
  • "blockingEnabled": false,
  • "rulesEnabled": false,
  • "properties": [
    ]
}

Response samples

Content type
application/json
{
  • "connectorId": "U0NJTQ",
  • "name": "SCIM",
  • "isEnabled": true,
  • "isDefault": false,
  • "blockingEnabled": false,
  • "rulesEnabled": false,
  • "properties": [
    ]
}

Just-In-Time provisioning config of an identity provider

This API retrieves the Just-In-Time provisioning config of an identity provider by specifying the identity provider ID.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/provisioning/jit' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "isEnabled": true,
  • "scheme": "PROMPT_USERNAME_PASSWORD_CONSENT",
  • "userstore": "PRIMARY",
  • "associateLocalUser": true
}

Update the just-in-time provisioning config of an identity provider

This API provides the capability to update the just-in-time provisioning config of an identity provider by specifying the identity provider's ID. This includes the ability to enable/disable JIT provisioning, change provisioning user store, and enable/disable user prompts for username, password, and consent.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Request Body schema: application/json
required

This represents the just-in-time provisioning config to be updated.

isEnabled
required
boolean
Default: false
scheme
string
Default: "PROVISION_SILENTLY"
Enum: "PROMPT_USERNAME_PASSWORD_CONSENT" "PROMPT_PASSWORD_CONSENT" "PROMPT_CONSENT" "PROVISION_SILENTLY"
userstore
string
Default: "PRIMARY"
associateLocalUser
boolean
Default: false

Responses

Request samples

Content type
application/json
{
  • "isEnabled": true,
  • "scheme": "PROMPT_USERNAME_PASSWORD_CONSENT",
  • "userstore": "PRIMARY",
  • "associateLocalUser": true
}

Response samples

Content type
application/json
{
  • "isEnabled": true,
  • "scheme": "PROMPT_USERNAME_PASSWORD_CONSENT",
  • "userstore": "PRIMARY",
  • "associateLocalUser": true
}

Claims

Claim config of an identity provider

This API provides the claim config for an identity provider. This includes idp-to-local claim mappings, claims to be outbound provisioned, userID claim URI, and role claim URI.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/claims' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{}

Update the claims of an identity provider

This API provides the capability to update the claim config of an existing identity provider.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Request Body schema: application/json
required

This represents the claim config to be updated

object (Claim)
object (Claim)
Array of objects (ClaimMapping)
Array of objects (ProvisioningClaim)

Responses

Request samples

Content type
application/json
{}

Response samples

Content type
application/json
{}

Roles

Role config of an identity provider

This API provides the role config of an identity provider. This includes idp-to-local role mappings and/or a list of roles to be outbound-provisioned
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/roles' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "mappings": [
    ],
  • "outboundProvisioningRoles": [
    ]
}

Update the role config of an identity provider

This API provides the capability to update the role config of an identity provider by specifying the identity provider ID.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

Request Body schema: application/json
required

This represents the role config to be updated.

Array of objects (RoleMapping)
outboundProvisioningRoles
Array of strings

Responses

Request samples

Content type
application/json
{
  • "mappings": [
    ],
  • "outboundProvisioningRoles": [
    ]
}

Response samples

Content type
application/json
{
  • "mappings": [
    ],
  • "outboundProvisioningRoles": [
    ]
}

Connected Apps

Connected applications of an identity provider

This API provides the list of applications that use this identity provider for federated authentication/provisioning.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
identity-provider-id
required
string

ID of the identity provider.

query Parameters
limit
integer <int32>

Maximum number of records to return.

offset
integer <int32>

Number of records to skip for pagination.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/{identity-provider-id}/connected-apps' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "totalResults": 10,
  • "startIndex": 1,
  • "count": 10,
  • "links": [
    ],
  • "connectedApps": [
    ]
}

Template management

List identity provider templates

This API provides the list of available identity provider templates.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
query Parameters
limit
integer <int32>

Maximum number of records to return.

offset
integer <int32>

Number of records to skip for pagination.

filter
string

Condition to filter the retrieval of records. Supports 'sw', 'co', 'ew' and 'eq' operations and also complex queries with 'and' operations. E.g. /identity-providers?filter=name+sw+"google"+and+isEnabled+eq+"true"

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/templates' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "totalResults": 10,
  • "startIndex": 1,
  • "count": 10,
  • "links": [
    ],
  • "templates": [
    ]
}

Create a new IdP template

This API provides the capability to create a new IdP template.
Scope(Permission) required: internal_idp_create

Authorizations:
OAuth2BasicAuth
Request Body schema:
required

This represents the identity provider template to be created.

name
required
string
description
string
image
string
category
string
Enum: "DEFAULT" "CUSTOM"
displayOrder
integer
required
object (IdentityProviderPOSTRequest)

Responses

Request samples

Content type
{
  • "name": "google",
  • "description": "Google federated connector",
  • "image": "google-logo-url",
  • "category": "DEFAULT",
  • "displayOrder": 10,
  • "idp": {
    }
}

Response samples

Content type
{
  • "code": "AAA-00000",
  • "message": "Some Error Message",
  • "description": "Some Error Description",
  • "traceId": "e0fbcfeb-3617-43c4-8dd0-7b7d38e13047"
}

Retrieve identity provider template by ID

This API provides the capability to retrieve an identity provider template using its ID.
Scope(Permission) required: internal_idp_view

Authorizations:
OAuth2BasicAuth
path Parameters
template-id
required
string

ID of the IdP template.

Responses

Request samples 

curl -X 'GET' \
'https://localhost:9443/api/server/v1/identity-providers/templates/{template-id}' \
-H 'accept: application/json' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
{
  • "id": "123e4567-e89b-12d3-a456-556642440000",
  • "name": "google",
  • "description": "Google federated connector",
  • "image": "google-logo-url",
  • "category": "DEFAULT",
  • "displayOrder": 10,
  • "idp": {
    }
}

Update the IdP template of a given template ID

This API provides the capability to update the IdP template of a given template ID.
Scope(Permission) required: internal_idp_update

Authorizations:
OAuth2BasicAuth
path Parameters
template-id
required
string

ID of the IdP template.

Request Body schema:
required

This represents the identity provider template to be created.

name
required
string
description
string
image
string
category
string
Enum: "DEFAULT" "CUSTOM"
displayOrder
integer
required
object (IdentityProviderPOSTRequest)

Responses

Request samples

Content type
{
  • "name": "google",
  • "description": "Google federated connector",
  • "image": "google-logo-url",
  • "category": "DEFAULT",
  • "displayOrder": 10,
  • "idp": {
    }
}

Response samples

Content type
application/json
{
  • "code": "AAA-00000",
  • "message": "Some Error Message",
  • "description": "Some Error Description",
  • "traceId": "e0fbcfeb-3617-43c4-8dd0-7b7d38e13047"
}

Delete an IdP template using the template ID.

This API provides the capability to delete an IdP template using the template ID.
Scope(Permission) required: internal_idp_delete

Authorizations:
OAuth2BasicAuth
path Parameters
template-id
required
string

ID of the IdP template.

Responses

Request samples 

curl -X 'DELETE' \
'https://localhost:9443/api/server/v1/identity-providers/templates/{template-id}' \
-H 'accept: */*' \
-H 'Authorization: Basic YWRtaW46YWRtaW4='

Response samples

Content type
application/json
{
  • "code": "AAA-00000",
  • "message": "Some Error Message",
  • "description": "Some Error Description",
  • "traceId": "e0fbcfeb-3617-43c4-8dd0-7b7d38e13047"
}