Modify an existing set of OIDC provider credentials for SSO

Modifies the client secret and/or label of an existing set of OIDC provider credentials for SSO, specified by the client ID.

Path Parameters

• oauth_client_id string required

  An OAuth client ID

Header Parameters

• SlashID-OrgID string required

  The organization ID

  Example: af5fbd30-7ce7-4548-8b30-4cd59cb2aba1
• SlashID-Required-Consistency string

  Possible values: [local_region, all_regions]

  Default value: local_region

  The consistency level required for this request. If the consistency level is not achieved within the timeout, the request will fail with a 408 Request Timeout error. 408 Request Timeout error indicates that request was not handled within the timeout, but it may still be handled after request timeout. Allowed values: * local_region: Wait while the request executes in the local region. * all_regions: Wait while the request executes across all regions. You can learn more about our replication model on our Cross-region Replication Model page.

• SlashID-Required-Consistency-Timeout integer

  Possible values: >= 1 and <= 120

  Default value: 30

  The maximum amount of seconds to wait for the requested consistency level to be achieved. If the consistency level is not achieved within this time, the request will fail with a 408 Request Timeout error. 408 Request Timeout error indicates that request was not handled within the timeout, but it may still be handled after request timeout. You can learn more about our replication model on our Cross-region Replication Model page.

application/json

Request Body

• client_secret string
• label string
• external_cred string

  External credential ID

• external_cred_id string

  External credential ID

• options object

  Options for supported third-party providers.

  google object

  authorize_scopes string[]

  Default value: openid,email,profile

  The scopes of access granted by the access_token expressed as a list of space-delimited, case-sensitive strings.

  Read Google's documentation to know more.

  Note: scopes openid, email, and profile are always requested.

  github object

  authorize_scopes string[]

  Default value: read:user,user:email

  The scopes of access granted by the access_token expressed as a list of space-delimited, case-sensitive strings.

  Read GitHub's documentation to know more.

  Note: scopes read:user and user:email are always requested.

  bitbucket object

  authorize_scopes string[]

  Default value: account

  The scopes of access granted by the access_token expressed as a list of space-delimited, case-sensitive strings.

  Read Bitbucket's documentation to know more.

  Note: scope account is always requested.

  gitlab object

  authorize_scopes string[]

  Default value: read_user

  The scopes of access granted by the access_token expressed as a list of space-delimited, case-sensitive strings.

  Read GitLab's documentation to know more.

  Note: scope read_user is always requested.

  facebook object

  authorize_scopes string[]

  Default value: email,public_profile

  The scopes of access granted by the access_token expressed as a list of space-delimited, case-sensitive strings.

  Read Facebook's documentation to know more.

  Note: scopes email and public_profile are always requested.

  line object

  authorize_scopes string[]

  Default value: openid,email,profile

  The scopes of access granted by the access_token expressed as a list of space-delimited, case-sensitive strings.

  Read Line's documentation to know more.

  Note: scopes openid, email, and profile are always requested.

  azuread object

  authorize_scopes string[]

  Default value: openid,email,profile,User.Read

  The scopes of access granted by the access_token expressed as a list of space-delimited, case-sensitive strings.

  Read Azure AD's documentation to know more.

  Note: scopes openid, email, profile, and User.Read are always requested.

  tenant string

  Default value: common

  The tenant ID of the Azure AD tenant (a GUID), its tenant domain, or one of the pseudo tenants: common, organizations or consumer.

  Read Azure AD's documentation to know more.

  okta object

  authorize_scopes string[]

  Default value: openid,email,profile

  The scopes of access granted by the access_token expressed as a list of space-delimited, case-sensitive strings.

  Read [Okta's documentation]https://help.okta.com/en-us/content/topics/apps/apps_app_integration_wizard_oidc.htm) to know more.

  Note: scopes openid, email, profile are always requested.

  organization_url string

  The organization URL for Okta.

  Read Okta's documentation to know more.

Responses

• 200
• 400
• 404

---

OK

application/json

• Schema
• Example (from schema)

---

Schema

• meta object

  pagination object

  limit integer

  offset integer

  total_count int64
• errors object[]

  httpcode integer

  message string

{
  "meta": {
    "pagination": {
      "limit": 0,
      "offset": 0,
      "total_count": 0
    }
  },
  "errors": [
    {
      "httpcode": 0,
      "message": "string"
    }
  ]
}

Bad Request

application/json

• Schema
• Example (from schema)

---

Schema

• meta object

  pagination object

  limit integer

  offset integer

  total_count int64
• errors object[]

  httpcode integer

  message string

{
  "meta": {
    "pagination": {
      "limit": 0,
      "offset": 0,
      "total_count": 0
    }
  },
  "errors": [
    {
      "httpcode": 0,
      "message": "string"
    }
  ]
}

Not Found

application/json

• Schema
• Example (from schema)

---

Schema

• meta object

  pagination object

  limit integer

  offset integer

  total_count int64
• errors object[]

  httpcode integer

  message string

{
  "meta": {
    "pagination": {
      "limit": 0,
      "offset": 0,
      "total_count": 0
    }
  },
  "errors": [
    {
      "httpcode": 0,
      "message": "string"
    }
  ]
}