# Ensure Identity Provider
{% hint style="info" %}
**Prerequisite:** Only contract administrators, owners, and users with `accessAndManageIamResources` privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see [Set User Privileges for Identity and Access Management](/cloud/set-up-ionos-cloud/management/identity-access-management/iam-federation/how-tos/set-user-privileges-iam-dcd.md).
{% endhint %}
To update an existing IDP, perform a `PUT` request with the `identityProviderId` of the IDP.
{% hint style="info" %}
**Note:** If an IDP for a given `identityProviderId` does not exist, an IDP is created (ensured) instead.
{% endhint %}
## Endpoint
Use the following endpoint to create or update an IDP: `https://iam.ionos.com/federation/identityproviders/{identityProviderId}`.
## Request
{% hint style="info" %}
**Note:** The following request contains a sample `identityProviderId`. Replace it with the `identityProviderId` value whose information you want to update.
{% endhint %}
{% tabs %}
{% tab title="OIDC" %}
```bash
curl --location \
--request PUT 'https://iam.ionos.com/federation/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
--data '{
"id": "5e6323da-8a45-5732-bec1-d7c29c1dc890",
"metadata": {},
"properties": {
"type": "oidc",
"name": "IdentityProvider ABC",
"enabled": true,
"domain": "ionos.com",
"configuration": {
"oidc": {
"openidConfigurationUrl": "https://example.com/.well-known/openid-configuration",
"clientSecret": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB...",
"clientName": "Example Client"
}
}
}
}'
```
{% endtab %}
{% tab title="SAML" %}
```bash
curl --location \
--request PUT 'https://iam.ionos.com/federation/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
--data '{
"id": "5e6323da-8a45-5732-bec1-d7c29c1dc890",
"metadata": {},
"properties": {
"type": "saml",
"name": "IdentityProvider ABC",
"enabled": true,
"domain": "ionos.com",
"configuration": {
"saml": {
"metadataDescriptor": "https://yourproviderconfiguration/protocol/saml/descriptor",
"x509Certificate": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB"
}
}
}
}'
```
{% endtab %}
{% endtabs %}
{% tabs %}
{% tab title="Path Parameters" %}
Below is the list of mandatory path parameter:
| **Body Parameters** | **Type** | **Description** | **Example** |
| -------------------- | -------- | -------------------------------------- | -------------------------------------- |
| `identityProviderId` | string | The ID (UUID) of the IdentityProvider. | `5e6323da-8a45-5732-bec1-d7c29c1dc890` |
| {% endtab %} | | | |
{% tab title="Request Body Parameters" %}
Below is the list of mandatory body parameters:
| **Body Parameters** | **Type** | **Description** | **Example** |
| ------------------- | -------- | -------------------------------------------------------------------- | -------------------------------------- |
| `id` | string | The ID (UUID) of the IDP. | `5e6323da-8a45-5732-bec1-d7c29c1dc890` |
| `properties` | object | Properties with all the data needed to update the IDP. | `example.com` |
| `type` | string | The type of identityProvider configuration. | `oidc`, `saml` |
| `name` | string | Name of the IDP. | `IdentityProvider ABC` |
| `enabled` | boolean | Choose to enable or disable the IDP. | `true` |
| `configuration` | object | Specify the configuration details to update for the identity broker. | `oidc`, `saml` |
| {% endtab %} | | | |
{% tab title="Request Header Parameters" %}
To make authenticated requests to the API, the following fields are mandatory in the request header:
| **Header Parameters** | **Required** | **Type** | Description |
| --------------------- | :----------: | :------: | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `Authorization` | yes | string | The Bearer token enables requests to authenticate using a JSON Web Token (JWT). From the DCD, [Generate authentication token](/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager.md#generate-authentication-token). |
| `Content-Type` | yes | string | Set this to `application/json`. |
| {% endtab %} | | | |
| {% endtabs %} | | | |
## Response
* **200 Successful operation:** IDP is successfully updated.
* **201 Successful operation:** IDP is successfully ensured.
Following is an example of when an IDP is successfully updated or ensured for the given IDP details.
{% tabs %}
{% tab title="OIDC" %}
```bash
{
"id":"5e6323da-8a45-5732-bec1-d7c29c1dc890",
"type":"identityprovider",
"href":"/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890",
"metadata":{
"createdDate":"2020-12-10T13:37:50+01:00",
"createdBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"createdByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedDate":"2020-12-11T13:37:50+01:00",
"lastModifiedBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"resourceURN":"ionos::::"
},
"properties":{
"name":"IdentityProvider ABC",
"enabled":true,
"domain":"ionos.com",
"configuration":{
"oidc":{
"openidConfigurationUrl":"https://example.com/.well-known/openid-configuration",
"clientName":"Example Client",
"endpoint":"https://iam.ionos.com/realms/cloud/.well-known/openid-configuration"
}
}
}
}
```
{% endtab %}
{% tab title="SAML" %}
```bash
{
"id": "5e6323da-8a45-5732-bec1-d7c29c1dc890",
"type": "identityprovider",
"href": "/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890",
"metadata": {
"createdDate": "2020-12-10T13:37:50+01:00",
"createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedDate": "2020-12-11T13:37:50+01:00",
"lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"resourceURN": "ionos::::"
},
"properties": {
"name": "IdentityProvider ABC",
"enabled": true,
"domain": "ionos.com",
"configuration": {
"saml": {
"metadataDescriptor": "https://yourproviderconfiguration/protocol/saml/descriptor",
"endpoint": "https://iam.ionos.com/realms/cloud/broker/yourIdentityProvider/endpoint/descriptor"
}
}
}
}
```
{% endtab %}
{% endtabs %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/iam-federation/api-how-tos/ensure-identity-provider.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.