# Create Identity Provider

{% hint style="info" %}
**Prerequisite:** Only contract administrators, owners, and users with the `accessAndManageIamResources` privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see [<mark style="color:blue;">Set User Privileges for Identity and Access Management</mark>](https://docs.ionos.com/sections-test/guides/set-up-ionos-cloud/management/identity-access-management/iam-federation/how-tos/set-user-privileges-iam-dcd).
{% endhint %}

To create a new Identity Provider (IDP), perform a `POST` request.

## Endpoint

Use the following endpoint to create an IDP: `https://iam.ionos.com/federation/identityproviders`.

{% hint style="info" %}
**Info:** You can find the configuration details in the discovery endpoint. For more information, see [<mark style="color:blue;">Discovery endpoint</mark>](https://docs.ionos.com/sections-test/guides/set-up-ionos-cloud/management/identity-access-management/how-tos/configure-iam-federation#discovery-endpoint).
{% endhint %}

## Request

{% tabs %}
{% tab title="OIDC" %}

```bash
curl --location \
--request POST 'https://iam.ionos.com/federation/identityproviders' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
--data '{
  "metadata": {},
  "properties": {
    "type": "oidc",
    "name": "IdentityProvider ABC",
    "enabled": true,
    "domain": "yourDomain.com",
    "configuration": {
      "oidc": {
        "openidConfigurationUrl": "https://example.com/.well-known/openid-configuration",
        "clientSecret": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB...",
        "clientName": "Example Client"
      }
    }
  }
}'
```

{% endtab %}

{% tab title="SAML" %}

```bash
curl --location \
--request POST 'https://iam.ionos.com/federation/identityproviders' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
--data '{
  "metadata": {},
  "properties": {
    "type": "saml",
    "name": "IdentityProvider ABC",
    "enabled": true,
    "domain": "yourDomain.com",
    "configuration": {
      "saml": {
        "metadataDescriptor": "https://yourproviderconfiguration/protocol/saml/descriptor",
        "x509Certificate": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB..."
      }
    }
  }
}'
```

{% endtab %}
{% endtabs %}

{% tabs %}
{% tab title="Request Body Parameters" %}
Below is the list of mandatory body parameters:

| **Body Parameters** | **Type** | **Description**                                           | **Example**            |
| ------------------- | -------- | --------------------------------------------------------- | ---------------------- |
| `properties`        | object   | Properties with all the data needed to create a new IDP.  | `example.com`          |
| `type`              | string   | The type of identityProvider configuration.               | `oidc`, `saml`         |
| `name`              | string   | Name to uniquely identify the IDP.                        | `IdentityProvider ABC` |
| `enabled`           | boolean  | Choose to enable or disable the IDP.                      | `true`                 |
| `configuration`     | object   | Specify the configuration details of the identity broker. | `oidc`, `saml`         |

{% endtab %}

{% tab title="Request Header Parameters" %}
To make authenticated requests to the API, the following fields are mandatory in the request header:

| **Header Parameters** | **Required** | **Type** | **Description**                                                                                                                                                                                                                                                                        |
| --------------------- | :----------: | :------: | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `Authorization`       |      yes     |  string  | The Bearer token enables requests to authenticate using a JSON Web Token (JWT). From the DCD, [<mark style="color:blue;">Generate authentication token</mark>](https://docs.ionos.com/sections-test/guides/set-up-ionos-cloud/management/token-manager#generate-authentication-token). |
| `Content-Type`        |      yes     |  string  | Set this to `application/json`.                                                                                                                                                                                                                                                        |

{% endtab %}
{% endtabs %}
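
The following Python pre-flight check is an added example, not part of the IONOS API or its documentation. It checks a request body against the mandatory parameters listed above and the field names used in the request samples, and masks `clientSecret` before the body is logged. Treating every sampled field as required and requiring `https` URLs are assumptions (local policy), and `SAMPLE` is constructed.

```python
import copy
from urllib.parse import urlparse

# Field names from this page's request samples; treating all as required is an assumption.
CONFIG_FIELDS = {
    "oidc": {"openidConfigurationUrl", "clientSecret", "clientName"},
    "saml": {"metadataDescriptor", "x509Certificate"},
}
URL_FIELDS = {"openidConfigurationUrl", "metadataDescriptor"}
# Constructed sample: note the plain-http discovery URL.
SAMPLE = {"metadata": {}, "properties": {
    "type": "oidc", "name": "IdentityProvider ABC", "enabled": True,
    "configuration": {"oidc": {
        "openidConfigurationUrl": "http://example.com/.well-known/openid-configuration",
        "clientSecret": "constructed-secret", "clientName": "Example Client"}}}}


def validate_idp_body(body):
    """Return a list of problems; an empty list means the body is ready to send."""
    props = body.get("properties")
    if not isinstance(props, dict):
        return ["missing object: properties"]
    errors = [f"missing parameter: {k}"
              for k in ("type", "name", "enabled", "configuration") if k not in props]
    if errors:
        return errors
    idp_type, config = props["type"], props["configuration"]
    if idp_type not in CONFIG_FIELDS:
        return [f"unsupported type: {idp_type!r}"]
    if not isinstance(props["enabled"], bool):
        errors.append("enabled must be a JSON boolean")
    if (not isinstance(config, dict) or set(config) != {idp_type}
            or not isinstance(config[idp_type], dict)):
        return errors + [f"configuration must contain only the {idp_type!r} object"]
    for field in sorted(CONFIG_FIELDS[idp_type] - set(config[idp_type])):
        errors.append(f"missing {idp_type} field: {field}")
    for field in sorted(URL_FIELDS & set(config[idp_type])):
        # Local policy (assumption): IdP metadata must be fetched over TLS.
        if urlparse(str(config[idp_type][field])).scheme != "https":
            errors.append(f"{field} must use https")
    return errors


def redact(body):
    """Copy of the body that is safe to log: the OIDC client secret is masked."""
    safe = copy.deepcopy(body)
    oidc = safe.get("properties", {}).get("configuration", {}).get("oidc")
    if isinstance(oidc, dict) and "clientSecret" in oidc:
        oidc["clientSecret"] = "***"
    return safe
```
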

## Response

**201 Successful operation**

{% tabs %}
{% tab title="OIDC" %}

```json
{
  "id": "5e6323da-8a45-5732-bec1-d7c29c1dc890",
  "type": "identityprovider",
  "href": "/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890",
  "metadata": {
    "createdDate": "2020-12-10T13:37:50+01:00",
    "createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedDate": "2020-12-11T13:37:50+01:00",
    "lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "resourceURN": "ionos:<product>:<location>:<contract>:<resource-path>"
  },
  "properties": {
    "name": "IdentityProvider ABC",
    "enabled": true,
    "domain": "yourDomain.com",
    "configuration": {
      "oidc": {
        "openidConfigurationUrl": "https://example.com/.well-known/openid-configuration",
        "clientName": "Example Client",
        "endpoint": "https://iam.ionos.com/realms/cloud/.well-known/openid-configuration"
      }
    }
  }
}
```

{% endtab %}

{% tab title="SAML" %}

```json
{
  "id": "5e6323da-8a45-5732-bec1-d7c29c1dc890",
  "type": "identityprovider",
  "href": "/identityproviders/5e6323da-8a45-5732-bec1-d7c29c1dc890",
  "metadata": {
    "createdDate": "2020-12-10T13:37:50+01:00",
    "createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedDate": "2020-12-11T13:37:50+01:00",
    "lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "resourceURN": "ionos:<product>:<location>:<contract>:<resource-path>",
    "redirectURI": "https://iam.ionos.com/realms/cloud/broker/identityProviderId/endpoint",
    "webOrigin": "https://iam.ionos.com"
  },
  "properties": {
    "name": "IdentityProvider ABC",
    "enabled": true,
    "domain": "yourDomain.com",
    "configuration": {
      "saml": {
        "metadataDescriptor": "https://yourproviderconfiguration/protocol/saml/descriptor",
        "x509Certificate": "MIICyzCCAbSgAwIBAgIJAMyYqQJkmRIOMA0GCSqGSIb3DQEB"
      }
    }
  }
}
```

{% endtab %}
{% endtabs %}
