Creating an Identity Provider

Function

This API is provided for the administrator to create an identity provider.

URI

  • URI format

    PUT /v3/OS-FEDERATION/identity_providers/{id}

  • URI parameters

    Parameter

    Mandatory

    Type

    Description

    id

    Yes

    String

    ID of an identity provider.

Request Parameters

  • Parameters in the request header

    Parameter

    Mandatory

    Type

    Description

    Content-Type

    Yes

    String

    Fill application/json;charset=utf8 in this field.

    X-Auth-Token

    Yes

    String

    Authenticated token with the Security Administrator permission.

  • Parameters in the request body

    Table 1 Parameters in the request body

    Parameter

    Mandatory

    Type

    Description

    identity_provider

    Yes

    Object

    Identity provider information.

    Table 2 identity_provider

    Parameter

    Mandatory

    Type

    Description

    sso_type

    No

    string

    Identity provider type. The following two types are supported:

    • virtual_user_sso: The federated user is mapped to a virtual user after the login is redirected.

    • iam_user_sso: The federated user is mapped to an IAM user after the login is redirected. If you select this type, ensure that you have created an IAM user.

    The default value is virtual_user_sso.

    description

    No

    String

    Description of the identity provider.

    enabled

    No

    Boolean

    Whether an identity provider is enabled. true indicates that the identity provider is enabled. false indicates that the identity provider is disabled. The default value is false.

  • Example request

    PUT https://sample.domain.com/v3/OS-FEDERATION/identity_providers/{id}
    
    {
        "identity_provider": {
            "description": "Stores ACME identities.",
            "enabled": true
        }
    }
    

Response Parameters

  • Parameters in the response body

    Table 3 Parameters in the response body

    Parameter

    Type

    Description

    identity_provider

    Object

    Identity provider information.

    Table 4 identity_provider

    Parameter

    Type

    Description

    sso_type

    string

    Identity provider type.

    id

    String

    Identity provider ID.

    description

    String

    Description of the identity provider.

    enabled

    Boolean

    Whether an identity provider is enabled. true indicates that the identity provider is enabled. false indicates that the identity provider is disabled. The default value is false.

    remote_ids

    Array of strings

    Federated user ID list of an identity provider.

    links

    Object

    Identity provider resource link.

    Table 5 identity_provider.links

    Parameter

    Type

    Description

    self

    String

    Identity provider resource link.

    protocols

    String

    Protocol resource link.

  • Example response

    {
        "identity_provider": {
            "description": "Stores ACME identities",
            "enabled": true,
            "id": "ACME",
    
            "remote_ids": [],
            "links": {
                "protocols": "https://example.com/v3/OS-FEDERATION/identity_providers/ACME/protocols",
                "self": "https://example.com/v3/OS-FEDERATION/identity_providers/ACME"
            }
        }
    }
    

Status Codes

Status Code

Description

201

The request is successful.

400

The server failed to process the request.

401

Authentication failed.

403

Access denied.

404

The requested resource cannot be found.

405

The method specified in the request is not allowed for the requested resource.

409

Duplicate identity provider ID.

413

The request entity is too large.

500

Internal server error.

503

Service unavailable.