# Create Identity Provider

{% hint style="info" %}
**Prerequisite:** Only contract administrators, owners, and users with `accessAndManageIamResources` privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see [<mark style="color:blue;">Set User Privileges for Identity and Access Management</mark>](/cloud/set-up-ionos-cloud/management/identity-access-management/iam-federation/how-tos/set-user-privileges-iam-dcd.md).
{% endhint %}

To create a new Identity Provider (IDP), perform a `POST` request.

## Endpoint

Use the following endpoint to create an IDP: `https://iam.ionos.com/federation/identityproviders`.

{% hint style="info" %}
**Info:** You can find the configuration details in the discovery endpoint. For more information, see [<mark style="color:blue;">Discovery endpoint</mark>](/cloud/set-up-ionos-cloud/management/identity-access-management/iam-federation/how-tos/configure-iam-federation.md#discovery-endpoint).
{% endhint %}

## Request

{% tabs %}
{% tab title="OIDC" %}

```bash
curl --location \
--request POST 'https://iam.ionos.com/federation/identityproviders' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
--data '{
  "metadata": {},
  "properties": {
    "type": "oidc",
    "name": "IdentityProvider ABC",
    "enabled": true,
    "domain": "yourDomain.com",
    "configuration": {
      "oidc": {
        "openidConfigurationUrl": "https://example.com/.well-known/openid-configuration",
        "clientSecret": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB...",
        "clientName": "Example Client"
      }
    }
  }
}'
```

{% endtab %}

{% tab title="SAML" %}

```bash
curl --location \
--request POST 'https://iam.ionos.com/federation/identityproviders' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
--data '{
  "metadata": {},
  "properties": {
    "type": "saml",
    "name": "IdentityProvider ABC",
    "enabled": true,
    "domain": "yourDomain.com",
    "configuration": {
      "saml": {
        "metadataDescriptor": "https://yourproviderconfiguration/protocol/saml/descriptor",
        "x509Certificate": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB..."
      }
    }
  }
}'
```

{% endtab %}
{% endtabs %}
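
A scripted form of the request above, added here as an example and not taken from the IONOS documentation: it validates the body locally, reads the bearer token and client secret from environment variables so they stay out of shell history and process listings, and masks `clientSecret` before anything is logged. The helper names, the environment variable names `IONOS_TOKEN` and `IDP_CLIENT_SECRET`, and the HTTPS-only check are assumptions.

```python
import json
import os
import urllib.request
from urllib.parse import urlparse

ENDPOINT = "https://iam.ionos.com/federation/identityproviders"  # endpoint and field names: from the page
URL_FIELD = {"oidc": "openidConfigurationUrl", "saml": "metadataDescriptor"}


def build_idp_payload(idp_type, name, domain, config, enabled=True):
    """Validate the inputs locally and return the request body as a dict."""
    if idp_type not in URL_FIELD:
        raise ValueError("type must be 'oidc' or 'saml'")
    if not name or not domain:
        raise ValueError("name and domain must be non-empty")
    url = urlparse(config.get(URL_FIELD[idp_type], ""))
    if url.scheme != "https" or not url.netloc:  # local policy (assumption)
        raise ValueError(f"{URL_FIELD[idp_type]} must be an https URL")
    return {"metadata": {}, "properties": {
        "type": idp_type, "name": name, "enabled": bool(enabled),
        "domain": domain, "configuration": {idp_type: dict(config)}}}


def redacted(payload):
    """Copy of the payload that is safe to log: clientSecret is masked."""
    safe = json.loads(json.dumps(payload))  # deep copy of plain JSON data
    for cfg in safe["properties"]["configuration"].values():
        if "clientSecret" in cfg:
            cfg["clientSecret"] = "***"
    return safe


def create_idp(payload, token):
    """POST the body and return the parsed response of a 201 reply."""
    req = urllib.request.Request(
        ENDPOINT, data=json.dumps(payload).encode(), method="POST",
        headers={"Authorization": f"Bearer {token}", "Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        if resp.status != 201:
            raise RuntimeError(f"unexpected status {resp.status}")
        return json.load(resp)


if __name__ == "__main__":  # environment variable names are assumptions
    cfg = {"openidConfigurationUrl": "https://example.com/.well-known/openid-configuration",
           "clientSecret": os.environ["IDP_CLIENT_SECRET"], "clientName": "Example Client"}
    body = build_idp_payload("oidc", "IdentityProvider ABC", "yourDomain.com", cfg)
    created = create_idp(body, os.environ["IONOS_TOKEN"])
    print(created["id"], created["href"])
```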

### Request Parameters

{% tabs %}
{% tab title="Request Body Parameters" %}
Below is the list of mandatory body parameters:

| **Body Parameters** | **Type** | **Description**                                           | **Example**            |
| ------------------- | -------- | --------------------------------------------------------- | ---------------------- |
| `properties`        | object   | Properties with all the data needed to create a new IDP.  | `example.com`          |
| `type`              | string   | The type of identityProvider configuration.               | `oidc`, `saml`         |
| `name`              | string   | Name to uniquely identify the IDP.                        | `IdentityProvider ABC` |
| `enabled`           | boolean  | Choose to enable or disable the IDP.                      | `true`                 |
| `configuration`     | object   | Specify the configuration details of the identity broker. | `oidc`, `saml`         |

{% endtab %}

{% tab title="Request Header Parameters" %}
To make authenticated requests to the API, the following fields are mandatory in the request header:

| **Header Parameters** | **Required** | **Type** | **Description**                                                                                                                                                                                                                                                                 |
| --------------------- | :----------: | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `Authorization`       |      yes     | string   | The Bearer token enables requests to authenticate using a JSON Web Token (JWT). From the DCD, [<mark style="color:blue;">Generate authentication token</mark>](/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager.md#generate-authentication-token). |
| `Content-Type`        |      yes     | string   | Set this to `application/json`.                                                                                                                                                                                                                                                 |

{% endtab %}
{% endtabs %}

## Response

**201 Successful operation**

{% tabs %}
{% tab title="OIDC" %}

```json
{
  "id": "5e6323da-8a45-5732-bec1-d7c29c1dc890",
  "type": "identityprovider",
  "href": "/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890",
  "metadata": {
    "createdDate": "2020-12-10T13:37:50+01:00",
    "createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedDate": "2020-12-11T13:37:50+01:00",
    "lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "resourceURN": "ionos:<product>:<location>:<contract>:<resource-path>"
  },
  "properties": {
    "name": "IdentityProvider ABC",
    "enabled": true,
    "domain": "yourDomain.com",
    "configuration": {
      "oidc": {
        "openidConfigurationUrl": "https://example.com/.well-known/openid-configuration",
        "clientName": "Example Client",
        "endpoint": "https://iam.ionos.com/realms/cloud/.well-known/openid-configuration"
      }
    }
  }
}
```

{% endtab %}

{% tab title="SAML" %}

```json
{
  "id": "5e6323da-8a45-5732-bec1-d7c29c1dc890",
  "type": "identityprovider",
  "href": "/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890",
  "metadata": {
    "createdDate": "2020-12-10T13:37:50+01:00",
    "createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedDate": "2020-12-11T13:37:50+01:00",
    "lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "resourceURN": "ionos:<product>:<location>:<contract>:<resource-path>",
    "redirectURI": "https://iam.ionos.com/realms/cloud/broker/identityProviderId/endpoint",
    "webOrigin": "https://iam.ionos.com"
  },
  "properties": {
    "name": "IdentityProvider ABC",
    "enabled": true,
    "domain": "yourDomain.com",
    "configuration": {
      "saml": {
        "metadataDescriptor": "https://yourproviderconfiguration/protocol/saml/descriptor",
        "x509Certificate": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB"
      }
    }
  }
}
```

{% endtab %}
{% endtabs %}


