GET
/v2/mgmt/sso/settings

Get the current SAML/OIDC configuration settings of a tenant, using a valid management key.

This API endpoint allows you to get the current SAML/OIDC configuration settings of a tenant.

See also

  • See SSO Configuration for further details on managing SSO Configurations on a tenant.

Endpoint Authentication

Use authorization bearer header with the following format:

Authorization: Bearer \<ProjectId:ManagementKey\>

Try it

/v2/mgmt/sso/settings

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

< Project ID >:< Management Key > as bearer

In: header

Query Parameters

tenantIdstring

Status codeDescription
200OK
curl -X GET "https://api.descope.com/v2/mgmt/sso/settings?tenantId=string" \
  -H "Authorization: Bearer <ProjectId:ManagementKey>"

{
  "tenant": {
    "id": "string",
    "name": "string",
    "selfProvisioningDomains": [
      "string"
    ],
    "customAttributes": {},
    "authType": "string",
    "domains": [
      "string"
    ],
    "createdTime": 0
  },
  "saml": {
    "idpEntityId": "string",
    "idpSSOUrl": "string",
    "idpCertificate": "string",
    "idpMetadataUrl": "string",
    "spEntityId": "string",
    "spACSUrl": "string",
    "spCertificate": "string",
    "attributeMapping": {
      "name": "string",
      "email": "string",
      "username": "string",
      "group": "string",
      "givenName": "string",
      "middleName": "string",
      "familyName": "string",
      "picture": "string",
      "customAttributes": {
        "property1": "string",
        "property2": "string"
      }
    },
    "groupsMapping": [
      {
        "role": {
          "id": "string",
          "name": "string"
        },
        "groups": [
          "string"
        ]
      }
    ],
    "redirectUrl": "string",
    "spSignCertificate": "string",
    "subjectNameIdFormat": "string"
  },
  "oidc": {
    "name": "string",
    "clientId": "string",
    "clientSecret": "string",
    "redirectUrl": "string",
    "authUrl": "string",
    "tokenUrl": "string",
    "userDataUrl": "string",
    "scope": [
      "string"
    ],
    "JWKsUrl": "string",
    "userAttrMapping": {
      "loginId": "string",
      "username": "string",
      "name": "string",
      "email": "string",
      "verifiedEmail": "string",
      "verifiedPhone": "string",
      "picture": "string",
      "givenName": "string",
      "middleName": "string",
      "familyName": "string",
      "customAttributes": {
        "property1": "string",
        "property2": "string"
      }
    },
    "manageProviderTokens": true,
    "callbackDomain": "string",
    "prompt": [
      "string"
    ],
    "grantType": "string",
    "issuer": "string"
  }
}

Was this helpful?