# Ensure Identity Provider
{% hint style="info" %}
\*\*Prerequisite:\*\* Only contract administrators, owners, and users with \`accessAndManageIamResources\` privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see \[Set User Privileges for Identity and Access Management]\(../how-tos/set-user-privileges-iam-dcd.md).
{% endhint %}
To update an existing IDP, perform a `PUT` request with the `identityProviderId` of the IDP.
{% hint style="info" %}
**Note:** If an IDP for a given `identityProviderId` does not exist, an IDP is created (ensured) instead.
{% endhint %}
## Endpoint
Use the following endpoint to create or update an IDP: `https://iam.ionos.com/federation/identityproviders/{identityProviderId}`.
## Request**Note:** The following request contains a sample `identityProviderId`. Replace it with the `identityProviderId` value whose information you want to update.
{% tabs %}
{% tab title="OIDC" %}
\`\`\`bash curl --location \ --request PUT '' \ --header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \ --header 'Content-Type: application/json' \ --data '{ "id": "5e6323da-8a45-5732-bec1-d7c29c1dc890", "metadata": {}, "properties": { "type": "oidc", "name": "IdentityProvider ABC", "enabled": true, "domain": "ionos.com", "configuration": { "oidc": { "openidConfigurationUrl": "", "clientSecret": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB...", "clientName": "Example Client" } } } }' \`\`\`
{% endtab %}
{% tab title="SAML" %}
\`\`\`bash curl --location \ --request PUT '' \ --header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \ --header 'Content-Type: application/json' \ --data '{ "id": "5e6323da-8a45-5732-bec1-d7c29c1dc890", "metadata": {}, "properties": { "type": "saml", "name": "IdentityProvider ABC", "enabled": true, "domain": "ionos.com", "configuration": { "saml": { "metadataDescriptor": "", "x509Certificate": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB" } } } }' \`\`\`
{% endtab %}
{% endtabs %}
{% tabs %}
{% tab title="Path Parameters" %}
Below is the list of mandatory path parameter:
| **Body Parameters** | **Type** | **Description** | **Example** |
| -------------------- | -------- | -------------------------------------- | -------------------------------------- |
| `identityProviderId` | string | The ID (UUID) of the IdentityProvider. | `5e6323da-8a45-5732-bec1-d7c29c1dc890` |
Below is the list of mandatory body parameters:
| **Body Parameters** | **Type** | **Description** | **Example** |
| ------------------- | -------- | -------------------------------------------------------------------- | -------------------------------------- |
| `id` | string | The ID (UUID) of the IDP. | `5e6323da-8a45-5732-bec1-d7c29c1dc890` |
| `properties` | object | Properties with all the data needed to update the IDP. | `example.com` |
| `type` | string | The type of identityProvider configuration. | `oidc`, `saml` |
| `name` | string | Name of the IDP. | `IdentityProvider ABC` |
| `enabled` | boolean | Choose to enable or disable the IDP. | `true` |
| `configuration` | object | Specify the configuration details to update for the identity broker. | `oidc`, `saml` |
To make authenticated requests to the API, the following fields are mandatory in the request header:
| **Header Parameters** | **Required** | **Type** | Description |
| --------------------- | :----------: | :------: | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `Authorization` | yes | string | The Bearer token enables requests to authenticate using a JSON Web Token (JWT). From the DCD, [Generate authentication token](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/token-manager#generate-authentication-token). |
| `Content-Type` | yes | string | Set this to `application/json`. |
| {% endtab %} | | | |
{% tab title="undefined" %}
### Response
{% endtab %}
{% tab title="undefined" %}
* **200 Successful operation:** IDP is successfully updated.
* **201 Successful operation:** IDP is successfully ensured.
{% endtab %}
{% tab title="undefined" %}
Following is an example of when an IDP is successfully updated or ensured for the given IDP details.
{% endtab %}
{% tab title="undefined" %}
{% tabs %}
{% tab title="OIDC" %}
\`\`\`bash { "id":"5e6323da-8a45-5732-bec1-d7c29c1dc890", "type":"identityprovider", "href":"/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890", "metadata":{ "createdDate":"2020-12-10T13:37:50+01:00", "createdBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3", "createdByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3", "lastModifiedDate":"2020-12-11T13:37:50+01:00", "lastModifiedBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3", "lastModifiedByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3", "resourceURN":"ionos::::" }, "properties":{ "name":"IdentityProvider ABC", "enabled":true, "domain":"ionos.com", "configuration":{ "oidc":{ "openidConfigurationUrl":"", "clientName":"Example Client", "endpoint":"" } } } } \`\`\`
{% endtab %}
{% tab title="SAML" %}
\`\`\`bash { "id": "5e6323da-8a45-5732-bec1-d7c29c1dc890", "type": "identityprovider", "href": "/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890", "metadata": { "createdDate": "2020-12-10T13:37:50+01:00", "createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3", "createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3", "lastModifiedDate": "2020-12-11T13:37:50+01:00", "lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3", "lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3", "resourceURN": "ionos::::" }, "properties": { "name": "IdentityProvider ABC", "enabled": true, "domain": "ionos.com", "configuration": { "saml": { "metadataDescriptor": "", "endpoint": "" } } } } \`\`\`
{% endtab %}
{% endtabs %}
{% endtab %}
{% endtabs %}