Get identity provider (IdP) by ID
GET/v2/idps/:id
Returns an identity provider (social/enterprise login) by its ID, which can be of the type Google, AzureAD, etc.
Request​
Path Parameters
Responses​
- 200
- 403
- 404
- default
OK
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
idp
object
Unique identifier for the identity provider.
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
Possible values: [IDP_STATE_UNSPECIFIED
, IDP_STATE_ACTIVE
, IDP_STATE_INACTIVE
, IDP_STATE_REMOVED
, IDP_STATE_MIGRATED
]
Default value: IDP_STATE_UNSPECIFIED
Current state of the identity provider.
Possible values: [IDP_TYPE_UNSPECIFIED
, IDP_TYPE_OIDC
, IDP_TYPE_JWT
, IDP_TYPE_LDAP
, IDP_TYPE_OAUTH
, IDP_TYPE_AZURE_AD
, IDP_TYPE_GITHUB
, IDP_TYPE_GITHUB_ES
, IDP_TYPE_GITLAB
, IDP_TYPE_GITLAB_SELF_HOSTED
, IDP_TYPE_GOOGLE
, IDP_TYPE_APPLE
, IDP_TYPE_SAML
]
Default value: IDP_TYPE_UNSPECIFIED
Type of the identity provider, for example OIDC, JWT, LDAP and SAML.
config
object
Configuration for the type of the identity provider.
options
object
Enable if users should be able to link an existing ZITADEL user with an external account.
Enable if users should be able to create a new account in ZITADEL when using an external account.
Enable if a new account in ZITADEL should be created automatically when login with an external account.
Enable if a the ZITADEL account fields should be updated automatically on each login.
Possible values: [AUTO_LINKING_OPTION_UNSPECIFIED
, AUTO_LINKING_OPTION_USERNAME
, AUTO_LINKING_OPTION_EMAIL
]
Default value: AUTO_LINKING_OPTION_UNSPECIFIED
Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches.
ldap
object
attributes
object
google
object
Client id of the Google application.
The scopes requested by ZITADEL during the request to Google.
oauth
object
Client id generated by the identity provider.
The endpoint where ZITADEL send the user to authenticate.
The endpoint where ZITADEL can get the token.
The endpoint where ZITADEL can get the user information.
The scopes requested by ZITADEL during the request on the identity provider.
Defines how the attribute is called where ZITADEL can get the id of the user.
oidc
object
The OIDC issuer of the identity provider.
Client id generated by the identity provider.
The scopes requested by ZITADEL during the request on the identity provider.
If true, provider information get mapped from the id token, not from the userinfo endpoint.
jwt
object
The endpoint where the JWT can be extracted.
The issuer of the JWT (for validation).
The endpoint to the key (JWK) which is used to sign the JWT with.
The name of the header where the JWT is sent in, default is authorization.
github
object
The client ID of the GitHub App.
The scopes requested by ZITADEL during the request to GitHub.
githubEs
object
The client ID of the GitHub App.
The scopes requested by ZITADEL during the request to GitHub.
gitlab
object
Client id of the GitLab application.
The scopes requested by ZITADEL during the request to GitLab.
gitlabSelfHosted
object
Client id of the GitLab application.
The scopes requested by ZITADEL during the request to GitLab.
azureAd
object
tenant
object
Defines what user accounts should be able to login (Personal, Organizational, All).
Possible values: [AZURE_AD_TENANT_TYPE_COMMON
, AZURE_AD_TENANT_TYPE_ORGANISATIONS
, AZURE_AD_TENANT_TYPE_CONSUMERS
]
Default value: AZURE_AD_TENANT_TYPE_COMMON
Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent).
The scopes requested by ZITADEL during the request to Azure AD.
apple
object
Client id (App ID or Service ID) provided by Apple.
Team ID provided by Apple.
ID of the private key generated by Apple.
The scopes requested by ZITADEL during the request to Apple.
saml
object
Metadata of the SAML identity provider.
Possible values: [SAML_BINDING_UNSPECIFIED
, SAML_BINDING_POST
, SAML_BINDING_REDIRECT
, SAML_BINDING_ARTIFACT
]
Default value: SAML_BINDING_UNSPECIFIED
Binding which defines the type of communication with the identity provider.
Boolean which defines if the authentication requests are signed.
Possible values: [SAML_NAME_ID_FORMAT_UNSPECIFIED
, SAML_NAME_ID_FORMAT_EMAIL_ADDRESS
, SAML_NAME_ID_FORMAT_PERSISTENT
, SAML_NAME_ID_FORMAT_TRANSIENT
]
Default value: SAML_NAME_ID_FORMAT_UNSPECIFIED
nameid-format
for the SAML Request.
Optional name of the attribute, which will be used to map the user
in case the nameid-format returned is urn:oasis:names:tc:SAML:2.0:nameid-format:transient
.
{
"idp": {
"id": "69629023906488334",
"details": {
"sequence": "2",
"changeDate": "2024-12-20T16:04:45.253Z",
"resourceOwner": "69629023906488334"
},
"state": "IDP_STATE_UNSPECIFIED",
"name": "Google",
"type": "IDP_TYPE_UNSPECIFIED",
"config": {
"options": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
},
"ldap": {
"servers": [
"string"
],
"startTls": true,
"baseDn": "string",
"bindDn": "string",
"userBase": "string",
"userObjectClasses": [
"string"
],
"userFilters": [
"string"
],
"timeout": "string",
"attributes": {
"idAttribute": "string",
"firstNameAttribute": "string",
"lastNameAttribute": "string",
"displayNameAttribute": "string",
"nickNameAttribute": "string",
"preferredUsernameAttribute": "string",
"emailAttribute": "string",
"emailVerifiedAttribute": "string",
"phoneAttribute": "string",
"phoneVerifiedAttribute": "string",
"preferredLanguageAttribute": "string",
"avatarUrlAttribute": "string",
"profileAttribute": "string"
}
},
"google": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"oauth": {
"clientId": "client-id",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id"
},
"oidc": {
"issuer": "https://accounts.google.com/",
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
],
"isIdTokenMapping": true
},
"jwt": {
"jwtEndpoint": "https://accounts.google.com",
"issuer": "https://accounts.google.com",
"keysEndpoint": "https://accounts.google.com/keys",
"headerName": "x-auth-token"
},
"github": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"githubEs": {
"clientId": "client-id",
"authorizationEndpoint": "string",
"tokenEndpoint": "string",
"userEndpoint": "string",
"scopes": [
"openid",
"profile",
"email"
]
},
"gitlab": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"gitlabSelfHosted": {
"issuer": "string",
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"azureAd": {
"clientId": "client-id",
"tenant": {
"tenantType": "AZURE_AD_TENANT_TYPE_COMMON",
"tenantId": "string"
},
"emailVerified": true,
"scopes": [
"openid",
"profile",
"email",
"User.Read"
]
},
"apple": {
"clientId": "com.client.id",
"teamId": "ALT03JV3OS",
"keyId": "OGKDK25KD",
"scopes": [
"name",
"email"
]
},
"saml": {
"metadataXml": "string",
"binding": "SAML_BINDING_UNSPECIFIED",
"withSignedRequest": true,
"nameIdFormat": "SAML_NAME_ID_FORMAT_UNSPECIFIED",
"transientMappingAttributeName": "string"
}
}
}
}
- Schema
- Example (from schema)
Schema
idp
object
Unique identifier for the identity provider.
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
Possible values: [IDP_STATE_UNSPECIFIED
, IDP_STATE_ACTIVE
, IDP_STATE_INACTIVE
, IDP_STATE_REMOVED
, IDP_STATE_MIGRATED
]
Default value: IDP_STATE_UNSPECIFIED
Current state of the identity provider.
Possible values: [IDP_TYPE_UNSPECIFIED
, IDP_TYPE_OIDC
, IDP_TYPE_JWT
, IDP_TYPE_LDAP
, IDP_TYPE_OAUTH
, IDP_TYPE_AZURE_AD
, IDP_TYPE_GITHUB
, IDP_TYPE_GITHUB_ES
, IDP_TYPE_GITLAB
, IDP_TYPE_GITLAB_SELF_HOSTED
, IDP_TYPE_GOOGLE
, IDP_TYPE_APPLE
, IDP_TYPE_SAML
]
Default value: IDP_TYPE_UNSPECIFIED
Type of the identity provider, for example OIDC, JWT, LDAP and SAML.
config
object
Configuration for the type of the identity provider.
options
object
Enable if users should be able to link an existing ZITADEL user with an external account.
Enable if users should be able to create a new account in ZITADEL when using an external account.
Enable if a new account in ZITADEL should be created automatically when login with an external account.
Enable if a the ZITADEL account fields should be updated automatically on each login.
Possible values: [AUTO_LINKING_OPTION_UNSPECIFIED
, AUTO_LINKING_OPTION_USERNAME
, AUTO_LINKING_OPTION_EMAIL
]
Default value: AUTO_LINKING_OPTION_UNSPECIFIED
Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches.
ldap
object
attributes
object
google
object
Client id of the Google application.
The scopes requested by ZITADEL during the request to Google.
oauth
object
Client id generated by the identity provider.
The endpoint where ZITADEL send the user to authenticate.
The endpoint where ZITADEL can get the token.
The endpoint where ZITADEL can get the user information.
The scopes requested by ZITADEL during the request on the identity provider.
Defines how the attribute is called where ZITADEL can get the id of the user.
oidc
object
The OIDC issuer of the identity provider.
Client id generated by the identity provider.
The scopes requested by ZITADEL during the request on the identity provider.
If true, provider information get mapped from the id token, not from the userinfo endpoint.
jwt
object
The endpoint where the JWT can be extracted.
The issuer of the JWT (for validation).
The endpoint to the key (JWK) which is used to sign the JWT with.
The name of the header where the JWT is sent in, default is authorization.
github
object
The client ID of the GitHub App.
The scopes requested by ZITADEL during the request to GitHub.
githubEs
object
The client ID of the GitHub App.
The scopes requested by ZITADEL during the request to GitHub.
gitlab
object
Client id of the GitLab application.
The scopes requested by ZITADEL during the request to GitLab.
gitlabSelfHosted
object
Client id of the GitLab application.
The scopes requested by ZITADEL during the request to GitLab.
azureAd
object
tenant
object
Defines what user accounts should be able to login (Personal, Organizational, All).
Possible values: [AZURE_AD_TENANT_TYPE_COMMON
, AZURE_AD_TENANT_TYPE_ORGANISATIONS
, AZURE_AD_TENANT_TYPE_CONSUMERS
]
Default value: AZURE_AD_TENANT_TYPE_COMMON
Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent).
The scopes requested by ZITADEL during the request to Azure AD.
apple
object
Client id (App ID or Service ID) provided by Apple.
Team ID provided by Apple.
ID of the private key generated by Apple.
The scopes requested by ZITADEL during the request to Apple.
saml
object
Metadata of the SAML identity provider.
Possible values: [SAML_BINDING_UNSPECIFIED
, SAML_BINDING_POST
, SAML_BINDING_REDIRECT
, SAML_BINDING_ARTIFACT
]
Default value: SAML_BINDING_UNSPECIFIED
Binding which defines the type of communication with the identity provider.
Boolean which defines if the authentication requests are signed.
Possible values: [SAML_NAME_ID_FORMAT_UNSPECIFIED
, SAML_NAME_ID_FORMAT_EMAIL_ADDRESS
, SAML_NAME_ID_FORMAT_PERSISTENT
, SAML_NAME_ID_FORMAT_TRANSIENT
]
Default value: SAML_NAME_ID_FORMAT_UNSPECIFIED
nameid-format
for the SAML Request.
Optional name of the attribute, which will be used to map the user
in case the nameid-format returned is urn:oasis:names:tc:SAML:2.0:nameid-format:transient
.
{
"idp": {
"id": "69629023906488334",
"details": {
"sequence": "2",
"changeDate": "2024-12-20T16:04:45.258Z",
"resourceOwner": "69629023906488334"
},
"state": "IDP_STATE_UNSPECIFIED",
"name": "Google",
"type": "IDP_TYPE_UNSPECIFIED",
"config": {
"options": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
},
"ldap": {
"servers": [
"string"
],
"startTls": true,
"baseDn": "string",
"bindDn": "string",
"userBase": "string",
"userObjectClasses": [
"string"
],
"userFilters": [
"string"
],
"timeout": "string",
"attributes": {
"idAttribute": "string",
"firstNameAttribute": "string",
"lastNameAttribute": "string",
"displayNameAttribute": "string",
"nickNameAttribute": "string",
"preferredUsernameAttribute": "string",
"emailAttribute": "string",
"emailVerifiedAttribute": "string",
"phoneAttribute": "string",
"phoneVerifiedAttribute": "string",
"preferredLanguageAttribute": "string",
"avatarUrlAttribute": "string",
"profileAttribute": "string"
}
},
"google": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"oauth": {
"clientId": "client-id",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id"
},
"oidc": {
"issuer": "https://accounts.google.com/",
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
],
"isIdTokenMapping": true
},
"jwt": {
"jwtEndpoint": "https://accounts.google.com",
"issuer": "https://accounts.google.com",
"keysEndpoint": "https://accounts.google.com/keys",
"headerName": "x-auth-token"
},
"github": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"githubEs": {
"clientId": "client-id",
"authorizationEndpoint": "string",
"tokenEndpoint": "string",
"userEndpoint": "string",
"scopes": [
"openid",
"profile",
"email"
]
},
"gitlab": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"gitlabSelfHosted": {
"issuer": "string",
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"azureAd": {
"clientId": "client-id",
"tenant": {
"tenantType": "AZURE_AD_TENANT_TYPE_COMMON",
"tenantId": "string"
},
"emailVerified": true,
"scopes": [
"openid",
"profile",
"email",
"User.Read"
]
},
"apple": {
"clientId": "com.client.id",
"teamId": "ALT03JV3OS",
"keyId": "OGKDK25KD",
"scopes": [
"name",
"email"
]
},
"saml": {
"metadataXml": "string",
"binding": "SAML_BINDING_UNSPECIFIED",
"withSignedRequest": true,
"nameIdFormat": "SAML_NAME_ID_FORMAT_UNSPECIFIED",
"transientMappingAttributeName": "string"
}
}
}
}
- Schema
- Example (from schema)
Schema
idp
object
Unique identifier for the identity provider.
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
Possible values: [IDP_STATE_UNSPECIFIED
, IDP_STATE_ACTIVE
, IDP_STATE_INACTIVE
, IDP_STATE_REMOVED
, IDP_STATE_MIGRATED
]
Default value: IDP_STATE_UNSPECIFIED
Current state of the identity provider.
Possible values: [IDP_TYPE_UNSPECIFIED
, IDP_TYPE_OIDC
, IDP_TYPE_JWT
, IDP_TYPE_LDAP
, IDP_TYPE_OAUTH
, IDP_TYPE_AZURE_AD
, IDP_TYPE_GITHUB
, IDP_TYPE_GITHUB_ES
, IDP_TYPE_GITLAB
, IDP_TYPE_GITLAB_SELF_HOSTED
, IDP_TYPE_GOOGLE
, IDP_TYPE_APPLE
, IDP_TYPE_SAML
]
Default value: IDP_TYPE_UNSPECIFIED
Type of the identity provider, for example OIDC, JWT, LDAP and SAML.
config
object
Configuration for the type of the identity provider.
options
object
Enable if users should be able to link an existing ZITADEL user with an external account.
Enable if users should be able to create a new account in ZITADEL when using an external account.
Enable if a new account in ZITADEL should be created automatically when login with an external account.
Enable if a the ZITADEL account fields should be updated automatically on each login.
Possible values: [AUTO_LINKING_OPTION_UNSPECIFIED
, AUTO_LINKING_OPTION_USERNAME
, AUTO_LINKING_OPTION_EMAIL
]
Default value: AUTO_LINKING_OPTION_UNSPECIFIED
Enable if users should get prompted to link an existing ZITADEL user to an external account if the selected attribute matches.
ldap
object
attributes
object
google
object
Client id of the Google application.
The scopes requested by ZITADEL during the request to Google.
oauth
object
Client id generated by the identity provider.
The endpoint where ZITADEL send the user to authenticate.
The endpoint where ZITADEL can get the token.
The endpoint where ZITADEL can get the user information.
The scopes requested by ZITADEL during the request on the identity provider.
Defines how the attribute is called where ZITADEL can get the id of the user.
oidc
object
The OIDC issuer of the identity provider.
Client id generated by the identity provider.
The scopes requested by ZITADEL during the request on the identity provider.
If true, provider information get mapped from the id token, not from the userinfo endpoint.
jwt
object
The endpoint where the JWT can be extracted.
The issuer of the JWT (for validation).
The endpoint to the key (JWK) which is used to sign the JWT with.
The name of the header where the JWT is sent in, default is authorization.
github
object
The client ID of the GitHub App.
The scopes requested by ZITADEL during the request to GitHub.
githubEs
object
The client ID of the GitHub App.
The scopes requested by ZITADEL during the request to GitHub.
gitlab
object
Client id of the GitLab application.
The scopes requested by ZITADEL during the request to GitLab.
gitlabSelfHosted
object
Client id of the GitLab application.
The scopes requested by ZITADEL during the request to GitLab.
azureAd
object
tenant
object
Defines what user accounts should be able to login (Personal, Organizational, All).
Possible values: [AZURE_AD_TENANT_TYPE_COMMON
, AZURE_AD_TENANT_TYPE_ORGANISATIONS
, AZURE_AD_TENANT_TYPE_CONSUMERS
]
Default value: AZURE_AD_TENANT_TYPE_COMMON
Azure AD doesn't send if the email has been verified. Enable this if the user email should always be added verified in ZITADEL (no verification emails will be sent).
The scopes requested by ZITADEL during the request to Azure AD.
apple
object
Client id (App ID or Service ID) provided by Apple.
Team ID provided by Apple.
ID of the private key generated by Apple.
The scopes requested by ZITADEL during the request to Apple.
saml
object
Metadata of the SAML identity provider.
Possible values: [SAML_BINDING_UNSPECIFIED
, SAML_BINDING_POST
, SAML_BINDING_REDIRECT
, SAML_BINDING_ARTIFACT
]
Default value: SAML_BINDING_UNSPECIFIED
Binding which defines the type of communication with the identity provider.
Boolean which defines if the authentication requests are signed.
Possible values: [SAML_NAME_ID_FORMAT_UNSPECIFIED
, SAML_NAME_ID_FORMAT_EMAIL_ADDRESS
, SAML_NAME_ID_FORMAT_PERSISTENT
, SAML_NAME_ID_FORMAT_TRANSIENT
]
Default value: SAML_NAME_ID_FORMAT_UNSPECIFIED
nameid-format
for the SAML Request.
Optional name of the attribute, which will be used to map the user
in case the nameid-format returned is urn:oasis:names:tc:SAML:2.0:nameid-format:transient
.
{
"idp": {
"id": "69629023906488334",
"details": {
"sequence": "2",
"changeDate": "2024-12-20T16:04:45.262Z",
"resourceOwner": "69629023906488334"
},
"state": "IDP_STATE_UNSPECIFIED",
"name": "Google",
"type": "IDP_TYPE_UNSPECIFIED",
"config": {
"options": {
"isLinkingAllowed": true,
"isCreationAllowed": true,
"isAutoCreation": true,
"isAutoUpdate": true,
"autoLinking": "AUTO_LINKING_OPTION_UNSPECIFIED"
},
"ldap": {
"servers": [
"string"
],
"startTls": true,
"baseDn": "string",
"bindDn": "string",
"userBase": "string",
"userObjectClasses": [
"string"
],
"userFilters": [
"string"
],
"timeout": "string",
"attributes": {
"idAttribute": "string",
"firstNameAttribute": "string",
"lastNameAttribute": "string",
"displayNameAttribute": "string",
"nickNameAttribute": "string",
"preferredUsernameAttribute": "string",
"emailAttribute": "string",
"emailVerifiedAttribute": "string",
"phoneAttribute": "string",
"phoneVerifiedAttribute": "string",
"preferredLanguageAttribute": "string",
"avatarUrlAttribute": "string",
"profileAttribute": "string"
}
},
"google": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"oauth": {
"clientId": "client-id",
"authorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"tokenEndpoint": "https://oauth2.googleapis.com/token",
"userEndpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": [
"openid",
"profile",
"email"
],
"idAttribute": "user_id"
},
"oidc": {
"issuer": "https://accounts.google.com/",
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
],
"isIdTokenMapping": true
},
"jwt": {
"jwtEndpoint": "https://accounts.google.com",
"issuer": "https://accounts.google.com",
"keysEndpoint": "https://accounts.google.com/keys",
"headerName": "x-auth-token"
},
"github": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"githubEs": {
"clientId": "client-id",
"authorizationEndpoint": "string",
"tokenEndpoint": "string",
"userEndpoint": "string",
"scopes": [
"openid",
"profile",
"email"
]
},
"gitlab": {
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"gitlabSelfHosted": {
"issuer": "string",
"clientId": "client-id",
"scopes": [
"openid",
"profile",
"email"
]
},
"azureAd": {
"clientId": "client-id",
"tenant": {
"tenantType": "AZURE_AD_TENANT_TYPE_COMMON",
"tenantId": "string"
},
"emailVerified": true,
"scopes": [
"openid",
"profile",
"email",
"User.Read"
]
},
"apple": {
"clientId": "com.client.id",
"teamId": "ALT03JV3OS",
"keyId": "OGKDK25KD",
"scopes": [
"name",
"email"
]
},
"saml": {
"metadataXml": "string",
"binding": "SAML_BINDING_UNSPECIFIED",
"withSignedRequest": true,
"nameIdFormat": "SAML_NAME_ID_FORMAT_UNSPECIFIED",
"transientMappingAttributeName": "string"
}
}
}
}
Returned when the user does not have permission to access the resource.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
Returned when the resource does not exist.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}