Ensure Identity Provider

Prerequisite: Only contract administrators, owners, and users with accessAndManageIamResources privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see Set User Privileges for Identity and Access Management.

To update an existing IDP, perform a PUT request with the identityProviderId of the IDP.

Note: If an IDP for a given identityProviderId does not exist, an IDP is created (ensured) instead.

Endpoint

Use the following endpoint to create or update an IDP: https://iam.ionos.com/federation/identityproviders/{identityProviderId}.

Request

Note: The following request contains a sample identityProviderId. Replace it with the identityProviderId value whose information you want to update.

curl --X \  
--request PUT 'https://iam.ionos.com/federation/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
{
   "id":"5e6323da-8a45-5732-bec1-d7c29c1dc890",
   "metadata":{
      
   },
   "properties":{
      "type":"oidc",
      "name":"IdentityProvider ABC",
      "enabled":true,
      "domain":"ionos.com",
      "configuration":{
         "oidc":{
            "openidConfigurationUrl":"https://example.com/.well-known/openid-configuration",
            "clientSecret":"MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB...",
            "clientName":"Example Client"
         }
      }
   }

Below is the list of mandatory path parameter:

Body Parameters

Type

Description

Example

identityProviderId

string

The ID (UUID) of the IdentityProvider.

5e6323da-8a45-5732-bec1-d7c29c1dc890

Below is the list of mandatory body parameters:

Body Parameters

Type

Description

Example

id

string

The ID (UUID) of the IDP.

5e6323da-8a45-5732-bec1-d7c29c1dc890

properties

object

Properties with all the data needed to update the IDP.

example.com

type

string

The type of identityProvider configuration.

oidc, saml

name

string

Name of the IDP.

IdentityProvider ABC

enabled

boolean

Choose to enable or disable the IDP.

true

configuration

object

Specify the configuration details to update for the identity broker.

oidc, saml

To make authenticated requests to the API, the following fields are mandatory in the request header:

Header Parameters

Required

Type

Description

Authorization

yes

string

The Bearer token enables requests to authenticate using a JSON Web Token (JWT). From the DCD, Generate authentication token.

Content-Type

yes

string

Set this to application/json.

Response

200 Successful operation: IDP is successfully updated.
201 Successful operation: IDP is successfully ensured.

Following is an example of when an IDP is successfully updated or ensured for the given IDP details.

{
   "id":"5e6323da-8a45-5732-bec1-d7c29c1dc890",
   "type":"identityprovider",
   "href":"/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890",
   "metadata":{
      "createdDate":"2020-12-10T13:37:50+01:00",
      "createdBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
      "createdByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
      "lastModifiedDate":"2020-12-11T13:37:50+01:00",
      "lastModifiedBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
      "lastModifiedByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
      "resourceURN":"ionos:<product>:<location>:<contract>:<resource-path>"
   },
   "properties":{
      "name":"IdentityProvider ABC",
      "enabled":true,
      "domain":"ionos.com",
      "configuration":{
         "oidc":{
            "openidConfigurationUrl":"https://example.com/.well-known/openid-configuration",
            "clientName":"Example Client",
            "endpoint":"https://iam.ionos.com/realms/cloud/.well-known/openid-configuration"
         }
      }
   }
}

PreviousRetrieve all Identity Providers NextDelete an Identity Provider

Last updated 1 day ago

Was this helpful?