/role-store/api/v1/identity-providers

post

https://example.com/role-store/api/v1/identity-providers

Create a new Identity Provider.

Body Params

uuid

name

string

required

length between 2 and 2042

Identity provider name, must be unique

token_type

string

enum

required

Token type. Only "JWT" is supported.

Allowed:

jwt_issuer

string

required

length ≤ 2042

JWT issuer

jwt_audience

string

length ≤ 2042

Expected JWT audience. JWT aud claim must either have a single matching value or it must be have an array of values of which at least one value must match.

jwt_subject_type

string

enum

required

JWT subject claim format

Allowed:

jwt_subject_dn_username_attribute

string

If jwt_subject_type is "dn" then jwt_subject_dn_username_attribute specifies the name of the attribute to be used as username when resolving the user

custom_attributes

array of objects

custom_attributes

public_key_method

string

enum

Method for obtaining the token verification public key

Allowed:

public_keys

array of objects

public_keys

x5u_trust_anchor

string

Trust anchor for verifying X.509 certificates fetched from x5u urls. Required if public_key_method is "x5u"

x5u_tls_trust_anchor

string

Trust anchor for TLS server certificates used when fetching X.509 certificates or public keys from x5u urls. If not specified then system trust anchors will be used.

x5u_prefix

uri

The url in the token's x5u claim must start with the x5u_prefix or it will be rejected. x5u_prefix must be a valid https url. Required if public_key_method is "x5u-publickey".

enabled

boolean

Enable/Disable Identity Provider

users_directory

uuid

required

ID of the PrivX user directory from which the users are resolved by token's sub claim. OIDC user directories are not supported.

author

uuid

Identity Provider Author

created

date-time

Creation time

updated

date-time

Time of the last update

updated_by

string

ID of the user who last updated the identity provider

Headers

Authorization

string

required

Defaults to Bearer a-proper-token-goes-here

OAuth2 token

Responses

Language

Credentials

OAuth2

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

201Identity Provider Successfully created

400Bad request

401Unauthorized request, OAuth2 authorization missing or invalid

403Unauthorized request, OAuth2 authorization OK but scope insufficient

404Resource not found

500Internal server error