Get all Identity Providers
query Parameters
filterstringFiltering parameter in RSQL. See https://github.com/jirutka/rsql-parser. You can specify any object parameter and parameter of related entity (for example title=='Some Title';description=='desc'). Additionally, if the entity relationship represents a polymorphic entity type, it can be casted to its subtypes (for example relatedEntity::subtype.subtypeProperty=='Value 123').
pageintegerZero-based page index (0..N)
Default: 0sizeintegerThe size of the page to be returned
Default: 20sortstring[]Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.
metaIncludestring[] · unique · style: formInclude Meta objects.
Included meta objects
Enum values:pageallALL
Responses
Request successfully processed
dataobject[] · unique · required
linksobjectmetaobject
Get Identity Provider
path Parameters
idstring · pattern:^(?!\.)[.A-Za-z0-9_-…· required
query Parameters
filterstringFiltering parameter in RSQL. See https://github.com/jirutka/rsql-parser. You can specify any object parameter and parameter of related entity (for example title=='Some Title';description=='desc'). Additionally, if the entity relationship represents a polymorphic entity type, it can be casted to its subtypes (for example relatedEntity::subtype.subtypeProperty=='Value 123').
Responses
Request successfully processed
dataobject · requiredJSON:API representation of identityProvider entity.
linksobject
Put Identity Provider
path Parameters
idstring · pattern:^(?!\.)[.A-Za-z0-9_-…· required
query Parameters
filterstringFiltering parameter in RSQL. See https://github.com/jirutka/rsql-parser. You can specify any object parameter and parameter of related entity (for example title=='Some Title';description=='desc'). Additionally, if the entity relationship represents a polymorphic entity type, it can be casted to its subtypes (for example relatedEntity::subtype.subtypeProperty=='Value 123').
Responses
Request successfully processed
dataobject · requiredJSON:API representation of identityProvider entity.
linksobject
Delete Identity Provider
path Parameters
idstring · pattern:^(?!\.)[.A-Za-z0-9_-…· required
query Parameters
filterstringFiltering parameter in RSQL. See https://github.com/jirutka/rsql-parser. You can specify any object parameter and parameter of related entity (for example title=='Some Title';description=='desc'). Additionally, if the entity relationship represents a polymorphic entity type, it can be casted to its subtypes (for example relatedEntity::subtype.subtypeProperty=='Value 123').
Responses
Successfully deleted
Patch Identity Provider
path Parameters
idstring · pattern:^(?!\.)[.A-Za-z0-9_-…· required
query Parameters
filterstringFiltering parameter in RSQL. See https://github.com/jirutka/rsql-parser. You can specify any object parameter and parameter of related entity (for example title=='Some Title';description=='desc'). Additionally, if the entity relationship represents a polymorphic entity type, it can be casted to its subtypes (for example relatedEntity::subtype.subtypeProperty=='Value 123').
Responses
Request successfully processed
dataobject · requiredJSON:API representation of identityProvider entity.
linksobject
Get all identity providers layout
Gets complete layout of identity providers.
Responses
Retrieved layout of all identity providers.
idstring · pattern:^(?!\.)[.A-Za-z0-9_-…· requiredFilterView object ID.
Example: filterView-1
customClaimMappingobject · maxLength: 10000Map of custom claim overrides. To be used when your Idp does not provide default claims (sub, email, name, given_name, family_name, urn.gooddata.user_groups [optional]). Define the key pair for the claim you wish to override, where the key is the default name of the attribute and the value is your custom name for the given attribute.
identifiersstring[]List of identifiers for this IdP, where an identifier is a domain name. Users with email addresses belonging to these domains will be authenticated by this IdP.
Example: ["gooddata.com"]idpTypestring · enumType of IdP for management purposes. MANAGED_IDP represents a GoodData managed IdP used in single OIDC setup, which is protected from altering/deletion. FIM_IDP represents a GoodData managed IdP used in federated identity management setup, which is protected from altering/deletion. CUSTOM_IDP represents customer's own IdP, protected from deletion if currently used by org for authentication, deletable otherwise.
Enum values:MANAGED_IDPFIM_IDPDEX_IDPCUSTOM_IDPoauthClientIdstring · maxLength: 255The OAuth client id of your OIDC provider. This field is mandatory for OIDC IdP.
oauthClientSecretstring · maxLength: 255The OAuth client secret of your OIDC provider. This field is mandatory for OIDC IdP.
oauthCustomAuthAttributesobject · maxLength: 10000Map of additional authentication attributes that should be added to the OAuth2 authentication requests, where the key is the name of the attribute and the value is the value of the attribute.
oauthCustomScopesarray | nullList of additional OAuth scopes which may be required by other providers (e.g. Snowflake)
oauthIssuerIdstring · maxLength: 255Any string identifying the OIDC provider. This value is used as suffix for OAuth2 callback (redirect) URL. If not defined, the standard callback URL is used. This value is valid only for external OIDC providers, not for the internal DEX provider.
Example: myOidcProvideroauthIssuerLocationstring · maxLength: 255The location of your OIDC provider. This field is mandatory for OIDC IdP.
oauthSubjectIdClaimstring · maxLength: 255Any string identifying the claim in ID token, that should be used for user identification. The default value is 'sub'.
Example: oidsamlMetadatastring · maxLength: 15000Base64 encoded xml document with SAML metadata. This document is issued by your SAML provider. It includes the issuer's name, expiration information, and keys that can be used to validate the response from the identity provider. This field is mandatory for SAML IdP.
Set all identity providers
Sets identity providers in organization.
Request Body
idstring · pattern:^(?!\.)[.A-Za-z0-9_-…· requiredFilterView object ID.
Example: filterView-1
customClaimMappingobject · maxLength: 10000Map of custom claim overrides. To be used when your Idp does not provide default claims (sub, email, name, given_name, family_name, urn.gooddata.user_groups [optional]). Define the key pair for the claim you wish to override, where the key is the default name of the attribute and the value is your custom name for the given attribute.
identifiersstring[]List of identifiers for this IdP, where an identifier is a domain name. Users with email addresses belonging to these domains will be authenticated by this IdP.
Example: ["gooddata.com"]idpTypestring · enumType of IdP for management purposes. MANAGED_IDP represents a GoodData managed IdP used in single OIDC setup, which is protected from altering/deletion. FIM_IDP represents a GoodData managed IdP used in federated identity management setup, which is protected from altering/deletion. CUSTOM_IDP represents customer's own IdP, protected from deletion if currently used by org for authentication, deletable otherwise.
Enum values:MANAGED_IDPFIM_IDPDEX_IDPCUSTOM_IDPoauthClientIdstring · maxLength: 255The OAuth client id of your OIDC provider. This field is mandatory for OIDC IdP.
oauthClientSecretstring · maxLength: 255The OAuth client secret of your OIDC provider. This field is mandatory for OIDC IdP.
oauthCustomAuthAttributesobject · maxLength: 10000Map of additional authentication attributes that should be added to the OAuth2 authentication requests, where the key is the name of the attribute and the value is the value of the attribute.
oauthCustomScopesarray | nullList of additional OAuth scopes which may be required by other providers (e.g. Snowflake)
oauthIssuerIdstring · maxLength: 255Any string identifying the OIDC provider. This value is used as suffix for OAuth2 callback (redirect) URL. If not defined, the standard callback URL is used. This value is valid only for external OIDC providers, not for the internal DEX provider.
Example: myOidcProvideroauthIssuerLocationstring · maxLength: 255The location of your OIDC provider. This field is mandatory for OIDC IdP.
oauthSubjectIdClaimstring · maxLength: 255Any string identifying the claim in ID token, that should be used for user identification. The default value is 'sub'.
Example: oidsamlMetadatastring · maxLength: 15000Base64 encoded xml document with SAML metadata. This document is issued by your SAML provider. It includes the issuer's name, expiration information, and keys that can be used to validate the response from the identity provider. This field is mandatory for SAML IdP.
Responses
All identity providers set.