PUT /api/v1/idps/{idpId}

Replaces an identity provider integration by idpId

Path parameters

Name Type Required Description
idpId String Yes

ID of the IdP

Request headers

Name Type Required Description
Content-Type String Yes The media type of the request body.

Default value: "application/json"

Request body fields

Name Type Required Description
id String No

Unique key for the IdP

_links Object No

Specifies link relations (see Web Linking) available using the JSON Hypertext Application Language specification. This object is used for dynamic discovery of related resources and lifecycle operations.

created String No

Timestamp when the object was created

issuerMode String No

Indicates whether Okta uses the original Okta org domain URL or a custom domain URL in the request to the social IdP

Possible values:

  • "CUSTOM_URL"
  • "DYNAMIC"
  • "ORG_URL"

Default value: "DYNAMIC"

name String No

Unique name for the IdP

properties Object No

The properties in the Identity Provider Properties object vary depending on the IdP type

properties.aalValue String No

The authentication assurance level (AAL) value for the Login.gov IdP. See Add a Login.gov IdP. Applies to LOGINGOV and LOGINGOV_SANDBOX IdP types.

properties.additionalAmr[] Array No

The additional Assurance Methods References (AMR) values for Smart Card IdPs. Applies to X509 IdP type.

properties.ialValue String No

The type of identity verification (IAL) value for the Login.gov IdP. See Add a Login.gov IdP. Applies to LOGINGOV and LOGINGOV_SANDBOX IdP types.

protocol Object No
protocol.scopes[] Array No
protocol.relayState Object No
protocol.relayState.format String No

Possible values:

  • "FROM_URL"
  • "OPAQUE"
protocol.credentials Object No
protocol.credentials.client Object No
protocol.credentials.client.pkce_required Boolean No

Require Proof Key for Code Exchange (PKCE) for additional verification

protocol.credentials.client.client_id String No
protocol.credentials.client.client_secret String No
protocol.credentials.signing Object No
protocol.credentials.signing.kid String No
protocol.credentials.trust Object No
protocol.credentials.trust.issuer String No
protocol.credentials.trust.kid String No
protocol.credentials.trust.revocationCacheLifetime Integer No
protocol.credentials.trust.revocation String No

Possible values:

  • "OCSP"
  • "DELTA_CRL"
  • "CRL"
protocol.credentials.trust.audience String No
protocol.issuer Object No
protocol.issuer.destination String No
protocol.issuer.url String No
protocol.issuer.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.issuer.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
protocol.type String No

Possible values:

  • "OAUTH2"
  • "SAML2"
  • "OIDC"
  • "MTLS"
protocol.settings Object No
protocol.settings.nameFormat String No
protocol.algorithms Object No
protocol.algorithms.response Object No
protocol.algorithms.response.signature Object No
protocol.algorithms.response.signature.algorithm String No
protocol.algorithms.response.signature.scope String No

Possible values:

  • "ANY"
  • "REQUEST"
  • "RESPONSE"
  • "TOKEN"
  • "NONE"
protocol.algorithms.request Object No
protocol.algorithms.request.signature Object No
protocol.algorithms.request.signature.algorithm String No
protocol.algorithms.request.signature.scope String No

Possible values:

  • "ANY"
  • "REQUEST"
  • "RESPONSE"
  • "TOKEN"
  • "NONE"
protocol.endpoints Object No
protocol.endpoints.sso Object No
protocol.endpoints.sso.destination String No
protocol.endpoints.sso.url String No
protocol.endpoints.sso.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.endpoints.sso.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
protocol.endpoints.userInfo Object No
protocol.endpoints.userInfo.destination String No
protocol.endpoints.userInfo.url String No
protocol.endpoints.userInfo.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.endpoints.userInfo.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
protocol.endpoints.acs Object No
protocol.endpoints.acs.destination String No
protocol.endpoints.acs.url String No
protocol.endpoints.acs.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.endpoints.acs.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
protocol.endpoints.authorization Object No
protocol.endpoints.authorization.destination String No
protocol.endpoints.authorization.url String No
protocol.endpoints.authorization.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.endpoints.authorization.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
protocol.endpoints.token Object No
protocol.endpoints.token.destination String No
protocol.endpoints.token.url String No
protocol.endpoints.token.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.endpoints.token.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
protocol.endpoints.metadata Object No
protocol.endpoints.metadata.destination String No
protocol.endpoints.metadata.url String No
protocol.endpoints.metadata.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.endpoints.metadata.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
protocol.endpoints.slo Object No
protocol.endpoints.slo.destination String No
protocol.endpoints.slo.url String No
protocol.endpoints.slo.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.endpoints.slo.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
protocol.endpoints.jwks Object No
protocol.endpoints.jwks.destination String No
protocol.endpoints.jwks.url String No
protocol.endpoints.jwks.binding String No

Possible values:

  • "HTTP-POST"
  • "HTTP-REDIRECT"
protocol.endpoints.jwks.type String No

Possible values:

  • "ORG"
  • "INSTANCE"
type String No

The Identity Provider object's type property identifies the social or enterprise Identity Provider used for authentication. Each Identity Provider uses a specific protocol, so the protocol property must correspond with the IdP type. If the protocol is OAuth 2.0-based, the Protocol object's scopes property must also correspond with the scopes supported by the IdP type. For policy actions supported by each IdP type, see IdP type policy actions.

Type | Description | Corresponding protocol | Corresponding protocol scopes
AMAZON | Amazon as the Identity Provider | OpenID Connect | profile, profile:user_id
APPLE | Apple as the Identity Provider | OpenID Connect | names, email, openid
DISCORD | Discord as the Identity Provider | OAuth 2.0 | identify, email
FACEBOOK | Facebook as the Identity Provider | OAuth 2.0 | public_profile, email
GITHUB | GitHub as the Identity Provider | OAuth 2.0 | user
GITLAB | GitLab as the Identity Provider | OpenID Connect | openid, read_user, profile, email
GOOGLE | Google as the Identity Provider | OpenID Connect | openid, email, profile
LINKEDIN | LinkedIn as the Identity Provider | OAuth 2.0 | r_emailaddress, r_liteprofile
LOGINGOV | Login.gov as the Identity Provider | OpenID Connect | email, profile, profile:name
LOGINGOV_SANDBOX | Login.gov's identity sandbox as the Identity Provider | OpenID Connect | email, profile, profile:name
MICROSOFT | Microsoft Enterprise SSO as the Identity Provider | OpenID Connect | openid, email, profile, https://graph.microsoft.com/User.Read
OIDC | IdP provider that supports OpenID Connect | OpenID Connect | openid, email, profile
PAYPAL | Paypal as the Identity Provider | OpenID Connect | openid, email, profile
PAYPAL_SANDBOX | Paypal Sandbox as the Identity Provider | OpenID Connect | openid, email, profile
SALESFORCE | SalesForce as the Identity Provider | OAuth 2.0 | id, email, profile
SAML2 | Enterprise IdP provider that supports the SAML 2.0 Web Browser SSO Profile | SAML 2.0 |
SPOTIFY | Spotify as the Identity Provider | OpenID Connect | user-read-email, user-read-private
X509 | Smart Card IdP | Mutual TLS |
XERO | Xero as the Identity Provider | OpenID Connect | openid, profile, email
YAHOO | Yahoo as the Identity Provider | OpenID Connect | openid, profile, email
YAHOOJP | Yahoo Japan as the Identity Provider | OpenID Connect | openid, profile, email

Possible values:

  • "APPLE"
  • "PAYPAL_SANDBOX"
  • "OIDC"
  • "GITHUB"
  • "XERO"
  • "GOOGLE"
  • "YAHOO"
  • "X509"
  • "FACEBOOK"
  • "SAML2"
  • "SPOTIFY"
  • "YAHOOJP"
  • "GITLAB"
  • "LINKEDIN"
  • "MICROSOFT"
  • "AMAZON"
  • "LOGINGOV"
  • "PAYPAL"
  • "SALESFORCE"
  • "DISCORD"
  • "LOGINGOV_SANDBOX"
status String No

Possible values:

  • "ACTIVE"
  • "INACTIVE"
lastUpdated String No

Timestamp when the object was last updated
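
Because this call replaces the whole integration, it helps to lint the body before sending it against the rule in the type field description: protocol and scopes must correspond with the IdP type. The check below is an added example, not part of the Okta reference; the mapping from the table's protocol names to protocol.type values, the reading of the listed scopes as an allow-list, and the PKCE advisory are assumptions of this example.

```python
# Rows are copied from the page's type table. Mapping the table's protocol
# names to protocol.type values (OpenID Connect -> OIDC, OAuth 2.0 -> OAUTH2,
# SAML 2.0 -> SAML2, Mutual TLS -> MTLS) is an assumption of this example.
_STD = "openid email profile"
_ROWS = {
    "OIDC": {"AMAZON": "profile profile:user_id", "APPLE": "names email openid",
             "GITLAB": "openid read_user profile email", "GOOGLE": _STD,
             "LOGINGOV": "email profile profile:name",
             "LOGINGOV_SANDBOX": "email profile profile:name",
             "MICROSOFT": _STD + " https://graph.microsoft.com/User.Read",
             "OIDC": _STD, "PAYPAL": _STD, "PAYPAL_SANDBOX": _STD,
             "SPOTIFY": "user-read-email user-read-private",
             "XERO": _STD, "YAHOO": _STD, "YAHOOJP": _STD},
    "OAUTH2": {"DISCORD": "identify email", "FACEBOOK": "public_profile email",
               "GITHUB": "user", "LINKEDIN": "r_emailaddress r_liteprofile",
               "SALESFORCE": "id email profile"},
    "SAML2": {"SAML2": ""},
    "MTLS": {"X509": ""},
}
# type -> (required protocol.type, scopes listed for that type)
IDP_TYPES = {t: (proto, set(scopes.split()))
             for proto, rows in _ROWS.items() for t, scopes in rows.items()}

def check_idp_body(body):
    """Return findings for a request body; an empty list means it passed."""
    idp_type = body.get("type")
    if idp_type not in IDP_TYPES:
        return [f"type {idp_type!r} is not a documented IdP type"]
    want_proto, listed = IDP_TYPES[idp_type]
    proto = body.get("protocol") or {}
    findings = []
    if proto.get("type") != want_proto:
        findings.append(f"protocol.type {proto.get('type')!r} does not "
                        f"correspond with type {idp_type} ({want_proto})")
    extra = set(proto.get("scopes") or []) - listed
    if extra:  # assumption: the listed scopes are treated as an allow-list
        findings.append(f"scopes not listed for {idp_type}: {sorted(extra)}")
    client = (proto.get("credentials") or {}).get("client") or {}
    if want_proto == "OIDC" and client.get("pkce_required") is not True:
        findings.append("advisory: pkce_required is not true")  # example policy
    if body.get("status") not in (None, "ACTIVE", "INACTIVE"):
        findings.append(f"status {body['status']!r} is not a documented value")
    return findings

# Constructed sample: GitHub is OAuth 2.0 in the table, and "repo" is not listed.
SAMPLE = {"type": "GITHUB", "protocol": {"type": "OIDC", "scopes": ["user", "repo"]}}
if __name__ == "__main__":
    print("\n".join(check_idp_body(SAMPLE)))
```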

How to start integrating

  1. Add an HTTP Task to your workflow definition.
  2. Search for the API you want to integrate with and click its name.
    • This loads the API reference documentation and prepares the HTTP request settings.
  3. Click Test request to run a test request against the API and see the API's response.