Applications

Descope allows you to configure Applications within the Applications page. Within this page, you can configure your OIDC and SAML applications. When using OIDC applications, Descope becomes the Federated Identity Provider allowing you to unify your user's login experience across multiple providers. When using Descope SAML applications, Descope becomes the Identity Provider itself.

This page is an overview of the OIDC and SAML protocols that Application support. It also highlights the difference between an IdP and SP as it relates to Applications, and how you can associate Applications with users. You can learn more about creating new applications within Descope from the following documentation guides: SAML Applications or OIDC Applications

Note: Configuring a Custom Applications is an enterprise-tier feature.

Identity Provider (IdP) vs Service Provider (SP)

Identity Provider (IdP)

An Identity Provider (IdP) system creates, maintains, and manages identity information for principals and provides authentication services to relying applications within a federation or distributed network. It is responsible for verifying the identity of users and issuing authentication tokens or credentials.

Service Provider (SP)

A Service Provider (SP) is an entity that provides web-based applications, services, or resources to users after successful authentication from an IdP. The SP relies on the IdP to authenticate users and may grant or deny access to its services based on that authentication.

What is SAML

Security Assertion Markup Language (SAML) is an XML-based standard for exchanging authentication and authorization data between parties. In a typical SAML flow, a user tries to access a service (often called a "Service Provider" or SP). If the user isn't authenticated, they are redirected to an Identity Provider (IdP), where they authenticate. Upon successful authentication, the IdP returns a SAML assertion to the SP. This assertion contains statements (or assertions) about the user, such as their name, roles, and other attributes. The SP then uses this assertion to grant access to the user. This process enables Single Sign-On (SSO), allowing users to authenticate once with the IdP and gain access to multiple services without being prompted to log in again.

What is OIDC

OpenID Connect (OIDC) is a protocol that sits on top of the OAuth 2.0 protocol, designed to authenticate users. While OAuth 2.0 is primarily about authorization (delegating access to resources without sharing credentials), OIDC extends this with identity features, enabling clients to verify the end-users identity based on the authentication performed by an authorization server. OIDC uses JSON Web Tokens (JWT) to represent the identity information. In the context of OIDC, the term "Federated Identity Providers" often comes up. Federated identity refers to linking a person's electronic identity and attributes stored across multiple identity management systems. This means a user can use a single set of credentials to authenticate across multiple domains or services.

SAML vs OIDC

The most prominent differences between SAML and OIDC are their formats and the use cases they typically address. SAML uses XML for its assertions, while OIDC uses JSON Web Tokens (JWT). Additionally, SAML has been around longer and is often associated with enterprise Single Sign-On in web applications. In contrast, OIDC is a newer protocol commonly used for authenticating users in modern web, mobile, and API applications, building upon the OAuth 2.0 framework. Another key difference is in their focus: SAML encompasses authentication and authorization, while OIDC is primarily for authentication on top of the OAuth 2.0 authorization framework.

Associating Users with Applications

Users can be associated with Applications when using Descope as a SAML/OIDC provider. If you wish to restrict the user's ability to sign up or in, with a specific Application, you can utilize this feature to do so. You can do this either in the Console or via the Management SDKs.


This image shows OIDC federated authentication flow with Descope.

Managing Applications Using the Management SDK

Install SDK

NodeJSPythonGoJavaRuby
npm i --save @descope/node-sdk
pip3 install descope
go get github.com/descope/go-sdk
// Include the following in your `pom.xml` (for Maven)
<dependency>
    <artifactId>java-sdk</artifactId>
    <groupId>com.descope</groupId>
    <version>sdk-version</version> // Check https://github.com/descope/descope-java/releases for the latest versions
</dependency>
gem install descope

Import and initialize Management SDK

NodeJSPythonGoJavaRuby
import DescopeClient from '@descope/node-sdk';

const managementKey = "xxxx"

try{
    //  baseUrl="<URL>" // When initializing the Descope clientyou can also configure the baseUrl ex: https://auth.company.com  - this is useful when you utilize CNAME within your Descope project.
    const descopeClient = DescopeClient({ projectId: '__ProjectID__', managementKey: managementKey });
} catch (error) {
    // handle the error
    console.log("failed to initialize: " + error)
}

// Note that you can handle async operation failures and capture specific errors to customize errors.
//     An example can be found here: https://github.com/descope/node-sdk?tab=readme-ov-file#error-handling
from descope import (
    REFRESH_SESSION_TOKEN_NAME,
    SESSION_TOKEN_NAME,
    AuthException,
    DeliveryMethod,
    DescopeClient,
    AssociatedTenant,
    RoleMapping,
    AttributeMapping
)

management_key = "xxxx"

try:
    # You can configure the baseURL by setting the env variable Ex: export DESCOPE_BASE_URI="https://auth.company.com  - this is useful when you utilize CNAME within your Descope project."
    descope_client = DescopeClient(project_id='__ProjectID__', management_key=management_key)
except Exception as error:
    # handle the error
    print ("failed to initialize. Error:")
    print (error)
import "github.com/descope/go-sdk/descope"
import "github.com/descope/go-sdk/descope/client"
import "fmt"

// Utilizing the context package allows for the transmission of context capabilities like cancellation
//      signals during the function call. In cases where context is absent, the context.Background()
//      function serves as a viable alternative.
//      Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
import (
	"context"
)

managementKey = "xxxx"

// DescopeBaseURL // within the client.Config, you can also configure the baseUrl ex: https://auth.company.com  - this is useful when you utilize CNAME within your Descope project.
descopeClient, err := client.NewWithConfig(&client.Config{ProjectID:"__ProjectID__", managementKey:managementKey})
if err != nil {
    // handle the error
    log.Println("failed to initialize: " + err.Error())
}
import com.descope.client;

// Initialized after setting the DESCOPE_PROJECT_ID env var (and optionally DESCOPE_MANAGEMENT_KEY)
var descopeClient = new DescopeClient();

// ** Or directly **
var descopeClient = new DescopeClient(Config.builder()
        .projectId("__ProjectID__")
        .managementKey("management-key")
        .build());
require 'descope'


descope_client = Descope::Client.new(
  {
    project_id: '__ProjectID__',
    management_key: 'management_key'
  }
)

Load All Applications

Load all Applications.

NodeJSPythonGoJava
const resp = await descopeClient.management.ssoApplication.loadAll()
if (!resp.ok) {
  console.log("Failed to load Applications.")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully loaded Applications.")
  console.log(resp.data)
}
try:
  resp = descope_client.mgmt.sso_application.load_all()
  print("Successfully loaded Applications.")
  print(json.dumps(resp, indent=4))
except AuthException as error:
  print ("Failed to load Applications.")
  print ("Status Code: " + str(error.status_code))
  print ("Error: " + str(error.error_message))
// Args:
//    ctx: context.Context - Application context for the transmission of context capabilities like
//        cancellation signals during the function call. In cases where context is absent, the context.Background()
//        function serves as a viable alternative.
//        Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()

res, err := descopeClient.Management.SSOApplication().LoadAll(ctx)
if  (err != nil){
  fmt.Println("Failed to load Applications.", err)
} else {
  fmt.Println("Successfully loaded Applications.")
  for _, permission := range res {
    fmt.Println(permission)
  }
}
SsoApplicationService ssoas = descopeClient.getManagementServices().getSsoApplicationService();

// Load all Applications
try {
    IdPApplications resp = ssoas.loadAll();
    for (IdPApplications sso : resp.IdPApplications()) {
        // Do something
    }
} catch (DescopeException de) {
    // Handle the error
}

Load a Specific Application

Load an Application by ID.

NodeJSPythonGoJava
// Args:
//  id (str): The ID of the sso application to load.
const id = "xxxxx"

const resp = await descopeClient.management.ssoApplication.load(id)
if (!resp.ok) {
  console.log("Failed to load Application.")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully loaded Application.")
  console.log(resp.data)
}
# Args:
#  id (str): The ID of the sso application to load.
id = "xxxxx"

try:
  resp = descope_client.mgmt.sso_application.load(id=id)
  print("Successfully loaded Application.")
  print(json.dumps(resp, indent=4))
except AuthException as error:
  print ("Failed to load Application.")
  print ("Status Code: " + str(error.status_code))
  print ("Error: " + str(error.error_message))
// Args:
//    ctx: context.Context - Application context for the transmission of context capabilities like
//        cancellation signals during the function call. In cases where context is absent, the context.Background()
//        function serves as a viable alternative.
//        Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
//    ID (str): The ID of the sso application to load.
ID := "xxxxx"

res, err := descopeClient.Management.SSOApplication().Load(ctx, ID)
if  (err != nil){
  fmt.Println("Failed to load Application.", err)
} else {
  fmt.Println("Successfully loaded Application.")
}
SsoApplicationService ssoas = descopeClient.getManagementServices().getSsoApplicationService();

try {
    IdPApplications resp = ssoas.load(id);
        // Do something
} catch (DescopeException de) {
    // Handle the error
}

Create OIDC Application

Create a new OIDC Application with the given name. Application IDs are provisioned automatically but can be explicitly configured if needed. Both the name and ID must be unique per project.

NodeJSPythonGoJava
//  Args:
//    oidcApplicationOptions (OidcApplicationOptions): Options for the OIDC Application create and update
const oidcApplicationOptions = {
  "name": "My OIDC Application",
  "loginPageUrl": "https://my-idp-application.com/login",
  // "id": (optional),
  "description": "This is my OIDC Application",
  "logo": "https://my-idp-application.com/logo",
  "enabled": true
}

const resp = await descopeClient.management.ssoApplication.createOidcApplication(oidcApplicationOptions)
if (!resp.ok) {
  console.log("Failed to create OIDC Application.")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully created OIDC Application.")
  console.log(resp.data)
}
#  Args:
#    name (str): The sso application's name.
name = "My OIDC Application"
#    login_page_url (str): The URL where login page is hosted.
login_page_url = "https://my-idp-application.com/login"
#    id (str): Optional sso application ID.
#    description (str): Optional sso application description.
description = "This is my OIDC Application"
#    logo (str): Optional sso application logo.
logo = "https://my-idp-application.com/logo"

try:
  resp = descope_client.mgmt.sso_application.create_oidc_application(
    name=name,
    login_page_url=login_page_url,
    description=description,
    logo=logo
    )
  print("Successfully created OIDC Application.")
except AuthException as error:
  print ("Failed to create OIDC Application.")
  print ("Status Code: " + str(error.status_code))
  print ("Error: " + str(error.error_message))
// Args:
//    ctx: context.Context - Application context for the transmission of context capabilities like
//        cancellation signals during the function call. In cases where context is absent, the context.Background()
//        function serves as a viable alternative.
//        Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
//    OidcApplicationOptions (&descope.OIDCApplicationRequest): Options for the OIDC Application create and update
OidcApplicationOptions := &descope.OIDCApplicationRequest{
  // ID: (optional),
  Name: "My OIDC Application",
  Description: "This is my OIDC Application",
  Enabled: true,
  Logo: "https://my-idp-application.com/logo",
  LoginPageURL: "https://my-idp-application.com/login"
}

res, err := descopeClient.Management.SSOApplication().CreateOIDCApplication(ctx, OidcApplicationOptions)
if  (err != nil){
  fmt.Println("Failed to create OIDC Application.", err)
} else {
  fmt.Println("Successfully created OIDC Application.")
}
SsoApplicationService ssoas = descopeClient.getManagementServices().getSsoApplicationService();

try {
    IdPApplications resp = ssoas.createOIDCApplication(OIDCApplicationRequest);
        // Do something
} catch (DescopeException de) {
    // Handle the error
}

Update OIDC Application

Update an existing OIDC Application with the given parameters. Note: All provided parameters are used as overrides to the existing application. Empty fields will override populated fields.

NodeJSPythonGoJava
//  Args:
//    oidcApplicationOptions (OidcApplicationOptions): Options for the OIDC Application create and update
const oidcApplicationOptions = {
  "name": "My OIDC Application",
  "loginPageUrl": "https://my-idp-application.com/login",
  "id": "xxxxx",
  "description": "This is my OIDC Application",
  "logo": "https://my-idp-application.com/logo",
  "enabled": true
}

const resp = await descopeClient.management.ssoApplication.updateOidcApplication(oidcApplicationOptions)
if (!resp.ok) {
  console.log("Failed to update OIDC Application.")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully updated OIDC Application.")
  console.log(resp.data)
}
#  Args:
#     id (str): The ID of the sso application to update.
id = "xxxxx"
#     name (str): Updated sso application name
name = "My OIDC Application"
#    login_page_url (str): The URL where login page is hosted.
login_page_url = "https://my-idp-application.com/login"
#    description (str): Optional sso application description.
description = "This is my OIDC Application"
#    logo (str): Optional sso application logo.
logo = "https://my-idp-application.com/logo"
#    enabled (bool): Optional (default True) does the sso application will be enabled or disabled.
enabled = True

try:
  resp = descope_client.mgmt.sso_application.update_oidc_application(
    id=id,
    name=name,
    login_page_url=login_page_url,
    description=description,
    logo=logo,
    enabled=enabled
    )
  print("Successfully updated OIDC Application.")
except AuthException as error:
  print ("Failed to update OIDC Application.")
  print ("Status Code: " + str(error.status_code))
  print ("Error: " + str(error.error_message))
// Args:
//    ctx: context.Context - Application context for the transmission of context capabilities like
//        cancellation signals during the function call. In cases where context is absent, the context.Background()
//        function serves as a viable alternative.
//        Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
//    OidcApplicationOptions (&descope.OIDCApplicationRequest): Options for the OIDC Application create and update
OidcApplicationOptions := &descope.OIDCApplicationRequest{
  ID: "xxxxx",
  Name: "My OIDC Application",
  Description: "This is my OIDC Application",
  Enabled: true,
  Logo: "https://my-idp-application.com/logo",
  LoginPageURL: "https://my-idp-application.com/login"
}

res, err := descopeClient.Management.SSOApplication().UpdateOIDCApplication(ctx, OidcApplicationOptions)
if  (err != nil){
  fmt.Println("Failed to update OIDC Application.", err)
} else {
  fmt.Println("Successfully updated OIDC Application.")
}
SsoApplicationService ssoas = descopeClient.getManagementServices().getSsoApplicationService();

try {
    IdPApplications resp = ssoas.updateOIDCApplication(OIDCApplicationRequest);
        // Do something
} catch (DescopeException de) {
    // Handle the error
}

Create SAML Application

Create a new SAML Application with the given name. Application IDs are provisioned automatically but can be explicitly configured if needed. Both the name and ID must be unique per project.

NodeJSPythonGoJava
//  Args:
//    samlApplicationOptions (SamlApplicationOptions): Options for the SAML Application create and update
const samlApplicationOptions = {
  "name": "My SAML Application",
  "loginPageUrl": "https://my-idp-application.com/login",
  // "id": (optional),
  "description": "This is my SAML Application",
  "logo": "https://my-idp-application.com/logo",
  "enabled": true,
  "useMetadataInfo": true,
  "metadataUrl": "https://myapp.com/metadata",
  // entityId?: (optional),
  // "acsUrl": (optional),
  // "certificate": (optional),
  // "attributeMapping": (optional),
  // "groupsMapping": (optional),
  // "acsAllowedCallbacks": (optional),
  // "subjectNameIdType": (optional),
  // "subjectNameIdFormat": (optional)
}

const resp = await descopeClient.management.ssoApplication.createSamlApplication(samlApplicationOptions)
if (!resp.ok) {
  console.log("Failed to create SAML Application.")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully created SAML Application.")
  console.log(resp.data)
}
# Args:
#   name (str): The sso application's name.
name = "My SAML Application"
#   login_page_url (str): The URL where login page is hosted.
login_page_url = "https://my-idp-application.com/login"
#   id (str): Optional sso application ID.
#   description (str): Optional sso application description.
description = "This is my SAML Application"
#   logo (str): Optional sso application logo.
logo = "https://my-idp-application.com/logo"
#   enabled (bool): Optional set the sso application as enabled or disabled.
enabled = True
#   use_metadata_info (bool): Optional determine if SP info should be automatically fetched from metadata_url or by specified it by the entity_id, acs_url, certificate parameters.
use_metadata_info = True
#   metadata_url (str): Optional SP metadata url which include all the SP SAML info.
metadata_url = "https://myapp.com/metadata"
#   entity_id (str): Optional SP entity id.
#   acs_url (str): Optional SP ACS (saml callback) url.
#   certificate (str): Optional SP certificate, relevant only when SAML request must be signed.
#   attribute_mapping (List[SAMLIDPAttributeMappingInfo]): Optional list of Descope (IdP) attributes to SP mapping.
#   groups_mapping (List[SAMLIDPGroupsMappingInfo]): Optional list of Descope (IdP) roles that will be mapped to SP groups.
#   acs_allowed_callbacks (List[str]): Optional list of urls wildcards strings represents the allowed ACS urls that will be accepted while arriving on the SAML request as SP callback urls.
acs_allowed_callbacks = ["https://my-idp-application.com/", "https://my-idp-application.com/callback"]
#   subject_name_id_type (str): Optional define the SAML Assertion subject name type, leave empty for using Descope user-id or set to "email"/"phone".
#   subject_name_id_format (str): Optional define the SAML Assertion subject name format, leave empty for using "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified".

try:
  resp = descope_client.mgmt.sso_application.create_saml_application(
    name=name,
    login_page_url=login_page_url,
    description=description,
    logo=logo,
    enabled=enabled,
    use_metadata_info=use_metadata_info,
    metadata_url=metadata_url,
    acs_allowed_callbacks=acs_allowed_callbacks
    )
  print("Successfully created SAML Application.")
except AuthException as error:
  print ("Failed to create SAML Application.")
  print ("Status Code: " + str(error.status_code))
  print ("Error: " + str(error.error_message))
// Args:
//    ctx: context.Context - Application context for the transmission of context capabilities like
//        cancellation signals during the function call. In cases where context is absent, the context.Background()
//        function serves as a viable alternative.
//        Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
//    SAMLApplicationOptions (&descope.SAMLApplicationRequest): Options for the SAML Application create and update
OidcApplicationOptions := &descope.SAMLApplicationRequest{
  ID: "xxxxx",
  Name: "My OIDC Application",
  Description: "This is my OIDC Application",
  Enabled: true,
  Logo: "https://my-idp-application.com/logo",
  LoginPageURL: "https://my-idp-application.com/login",
  UseMetadataInfo: true,
  MetadataURL: "https://myapp.com/metadata",
  // EntityID: (optional),
  // AcsURL: (optional),
  // Certificate: (optional),
  // AttributeMapping: (optional),
  // GroupsMapping: (optional),
  // AcsAllowedCallbacks: (optional),
  // SubjectNameIDType: (optional),
  // SubjectNameIDFormat:(optional)
}

res, err := descopeClient.Management.SSOApplication().CreateSAMLApplication(ctx, OidcApplicationOptions)
if  (err != nil){
  fmt.Println("Failed to create SAML Application.", err)
} else {
  fmt.Println("Successfully created SAML Application.")
}
SsoApplicationService ssoas = descopeClient.getManagementServices().getSsoApplicationService();

try {
    IdPApplications resp = ssoas.createSAMLApplication(SAMLApplicationRequest);
        // Do something
} catch (DescopeException de) {
    // Handle the error
}

Update SAML Application

Update an existing SAML Application with the given parameters. Note: All provided parameters are used as overrides to the existing application. Empty fields will override populated fields.

NodeJSPythonGoJava
//  Args:
//    samlApplicationOptions (SamlApplicationOptions): Options for the SAML Application create and update
const samlApplicationOptions = {
  "name": "My SAML Application",
  "loginPageUrl": "https://my-idp-application.com/login",
  // "id": (optional),
  "description": "This is my SAML Application",
  "logo": "https://my-idp-application.com/logo",
  "enabled": true,
  "useMetadataInfo": true,
  "metadataUrl": "https://myapp.com/metadata",
  // entityId?: (optional),
  // "acsUrl": (optional),
  // "certificate": (optional),
  // "attributeMapping": (optional),
  // "groupsMapping": (optional),
  // "acsAllowedCallbacks": (optional),
  // "subjectNameIdType": (optional),
  // "subjectNameIdFormat": (optional)
}

const resp = await descopeClient.management.ssoApplication.updateSamlApplication(samlApplicationOptions)
if (!resp.ok) {
  console.log("Failed to update SAML Application.")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully updated SAML Application.")
  console.log(resp.data)
}
# Args:
#   id (str): The ID of the sso application to update.
id = "xxxxx"
#   name (str): The sso application's name.
name = "My updated SAML Application"
#   login_page_url (str): The URL where login page is hosted.
login_page_url = "https://my-idp-application.com/login"
#   description (str): Optional sso application description.
description = "This is my updated SAML Application"
#   logo (str): Optional sso application logo.
logo = "https://my-idp-application.com/logo"
#   enabled (bool): Optional set the sso application as enabled or disabled.
enabled = True
#   use_metadata_info (bool): Optional determine if SP info should be automatically fetched from metadata_url or by specified it by the entity_id, acs_url, certificate parameters.
use_metadata_info = True
#   metadata_url (str): Optional SP metadata url which include all the SP SAML info.
metadata_url = "https://myapp.com/metadata"
#   entity_id (str): Optional SP entity id.
#   acs_url (str): Optional SP ACS (saml callback) url.
#   certificate (str): Optional SP certificate, relevant only when SAML request must be signed.
#   attribute_mapping (List[SAMLIDPAttributeMappingInfo]): Optional list of Descope (IdP) attributes to SP mapping.
#   groups_mapping (List[SAMLIDPGroupsMappingInfo]): Optional list of Descope (IdP) roles that will be mapped to SP groups.
#   acs_allowed_callbacks (List[str]): Optional list of urls wildcards strings represents the allowed ACS urls that will be accepted while arriving on the SAML request as SP callback urls.
acs_allowed_callbacks = ["https://my-idp-application.com/", "https://my-idp-application.com/callback"]
#   subject_name_id_type (str): Optional define the SAML Assertion subject name type, leave empty for using Descope user-id or set to "email"/"phone".
#   subject_name_id_format (str): Optional define the SAML Assertion subject name format, leave empty for using "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified".

try:
  resp = descope_client.mgmt.sso_application.update_saml_application(
    name=name,
    login_page_url=login_page_url,
    description=description,
    logo=logo,
    enabled=enabled,
    use_metadata_info=use_metadata_info,
    metadata_url=metadata_url,
    acs_allowed_callbacks=acs_allowed_callbacks
    )
  print("Successfully updated SAML Application.")
except AuthException as error:
  print ("Failed to update SAML Application.")
  print ("Status Code: " + str(error.status_code))
  print ("Error: " + str(error.error_message))
// Args:
//    ctx: context.Context - Application context for the transmission of context capabilities like
//        cancellation signals during the function call. In cases where context is absent, the context.Background()
//        function serves as a viable alternative.
//        Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
//    SAMLApplicationOptions (&descope.SAMLApplicationRequest): Options for the SAML Application create and update
OidcApplicationOptions := &descope.SAMLApplicationRequest{
  ID: "xxxxx",
  Name: "My OIDC Application",
  Description: "This is my OIDC Application",
  Enabled: true,
  Logo: "https://my-idp-application.com/logo",
  LoginPageURL: "https://my-idp-application.com/login",
  UseMetadataInfo: true,
  MetadataURL: "https://myapp.com/metadata",
  // EntityID: (optional),
  // AcsURL: (optional),
  // Certificate: (optional),
  // AttributeMapping: (optional),
  // GroupsMapping: (optional),
  // AcsAllowedCallbacks: (optional),
  // SubjectNameIDType: (optional),
  // SubjectNameIDFormat:(optional)
}

res, err := descopeClient.Management.SSOApplication().UpdateSAMLApplication(ctx, OidcApplicationOptions)
if  (err != nil){
  fmt.Println("Failed to update SAML Application.", err)
} else {
  fmt.Println("Successfully updated SAML Application.")
}
SsoApplicationService ssoas = descopeClient.getManagementServices().getSsoApplicationService();

try {
    IdPApplications resp = ssoas.updateSAMLApplication(SAMLApplicationRequest);
        // Do something
} catch (DescopeException de) {
    // Handle the error
}

Delete an Application

Delete an existing Application.

Note: This action is irreversible. Use carefully.

NodeJSPythonGoJava
// Args:
//  id (str): The ID of the sso application to delete.
const id = "xxxxx"

const resp = await descopeClient.management.ssoApplication.delete(id)
if (!resp.ok) {
  console.log("Failed to delete Application.")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully deleted Application.")
  console.log(resp.data)
}
# Args:
#  id (str): The ID of the sso application to delete.
id = "xxxxx"

try:
  resp = descope_client.mgmt.sso_application.delete(id=id)
  print("Successfully deleted Application.")
  print(json.dumps(resp, indent=4))
except AuthException as error:
  print ("Failed to delete Application.")
  print ("Status Code: " + str(error.status_code))
  print ("Error: " + str(error.error_message))
// Args:
//    ctx: context.Context - Application context for the transmission of context capabilities like
//        cancellation signals during the function call. In cases where context is absent, the context.Background()
//        function serves as a viable alternative.
//        Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
//    ID (str): The ID of the sso application to delete.
ID := "xxxxx"

res, err := descopeClient.Management.SSOApplication().Delete(ctx, ID)
if  (err != nil){
  fmt.Println("Failed to delete Application.", err)
} else {
  fmt.Println("Successfully deleted Application.")
}
SsoApplicationService ssoas = descopeClient.getManagementServices().getSsoApplicationService();

try {
    IdPApplications resp = ssoas.delete(id);
        // Do something
} catch (DescopeException de) {
    // Handle the error
}