API v2: OpenID Connect Configuration¶
OpenID Connect related endpoints help to create, modify, list and delete OpenID Connect configurations.
Data Structures¶
| Attribute | Type | Required | Description |
|---|---|---|---|
| id | string | Read-only, unique object Identifier. | |
| name | string | yes | Case-insensitive, unique name of the configuration. |
| enabled | boolean | yes | Enabling configuration. |
| bind_to | string | Bind address. | |
| configuration_url | string | yes | This URL is specific for every Identity Provider and allows identifying one for correct configuration. |
| client_id | string | yes | Client id available after the registration on selected provider. |
| client_secret | string | yes | Client secret available after the registration on selected provider. Protected. |
| username_mapping | string | Username mapping is useful when users name has different naming convention. | |
| email_mapping | string | Email mapping is useful when users name has different naming convention. | |
| created_at | datetime | Read-only. Timestamp of creation. | |
| modified_at | datetime | Read-only. Timestamp of modification. | |
| removed | boolean | Read-only. |
Request for Retrieving Available Attributes of the OpenIDModel
| Method | GET
|
| Path | /api/v2/objspec/oidc
|
Note
To check allowed methods, available URL parameters and possible responses please refer to the API Overview section.
The next chapter describes procedures for creating separate requests.
Retrieving Existing OpenID Connect Configurations List¶
Request
| Method | GET
|
| Path | /api/v2/oidc
|
Example Request
Sending GET https://10.0.0.0/api/v2/oidc
curl -s -k -X GET -H 'Authorization: sgfeea6jsaz4mum9su8w61877n1g06sk' 'https://10.0.214.98/api/v2/oidc'
Response
{
"result": "success",
"oidc": [
{
"id": "9124292845052624897",
"name": "OKTA",
"enabled": true,
"bind_to": "0.0.0.0",
"configuration_url": "https:\/\/okta.com",
"client_id": "1234567",
"created_at": "2024-06-19 07:51:42.988336-07",
"modified_at": "2024-06-19 07:51:42.988336-07"
}
]
}
Retrieving Existing OpenID Connect Configuration by ID¶
Request
| Method | GET
|
| Path | /api/v2/oidc/<id>
|
Example Request
Sending GET https://10.0.0.0/api/v2/oidc/9124292845052624897
curl -s -k -X GET -H 'Authorization: sgfeea6jsaz4mum9su8w61877n1g06sk' 'https://10.0.214.98/api/v2/oidc/9124292845052624897'
Response
{
"result": "success",
"oidc": [
{
"id": "9124292845052624897",
"name": "OKTA",
"enabled": true,
"bind_to": "0.0.0.0",
"configuration_url": "https:\/\/okta.com",
"client_id": "1234567",
"created_at": "2024-06-19 07:51:42.988336-07",
"modified_at": "2024-06-19 07:51:42.988336-07"
}
]
}
Defining OpenID Connect Configuration¶
Request
| Method | POST
|
| Path | /api/v2/oidc
|
| Headers | Content-Type: Application/HTML
|
| Body | OpenIDModel
|
Example Request
Sending POST https://10.0.0.0/api/v2/oidc
curl -s -k -X POST -H 'Authorization: sgfeea6jsaz4mum9su8w61877n1g06sk' 'https://10.0.214.98/api/v2/oidc' -H 'Content-Type: application/json' -d'{"name": "OKTA","enabled": true,"configuration_url":"https:\/\/okta.com","client_id":"1234567","client_secret":"Secret"}'
Response
{
"result": "success",
"oidc": {
"id": "9124292845052624898"
}
}
Modifying OpenID Connect Configuration¶
Request
| Method | PATCH
|
| Path | /api/v2/oidc/<id>
|
| Headers | Content-Type: Application/HTML
|
| Body | OpenIDModel
|
Example Request
Sending PATCH https://10.0.0.0/api/v2/oidc/9124292845052624898
curl -s -k -X PATCH -H 'Authorization: sgfeea6jsaz4mum9su8w61877n1g06sk' 'https://10.0.214.98/api/v2/oidc/9124292845052624898' -H 'Content-Type: application/json' -d'{"client_id":"1234567","client_secret":"Secret"}'
Response
{
"result": "success",
"oidc": {
"id": "9124292845052624898"
}
}
Deleting OpenID Connect Configuration¶
Request
| Method | DELETE
|
| Path | /api/v2/oidc/<id>
|
Example Request
Sending DELETE https://10.0.0.0/api/v2/oidc/9124292845052624897
curl -s -k -X DELETE -H 'Authorization: vg1ei6rgo58fsbobr7octp0w3afd9vsm' https://10.0.214.98/api/v2/oidc/9124292845052624897
Response
{
"result": "success"
}