Creates a new version of an SSO configuration for a given authorisation server.

POST /organisations/{OrganisationId}/authorisationservers/{AuthorisationServerId}/sso-configuration/{ssoConfigurationId}/versions

Headers

  • x-fapi-auth-date string

    The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC

    Format should match the following pattern: ^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4} \d{2}:\d{2}:\d{2} (GMT|UTC)$.

  • x-fapi-customer-ip-address string

    The PSU's IP address if the PSU is currently logged in with the TPP.

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

  • x-customer-user-agent string

    Indicates the user-agent that the PSU is using.

Path parameters

  • OrganisationId string Required

    The organisation ID

    Minimum length is 1, maximum length is 40. Format should match the following pattern: ^[^<>]*$.

  • AuthorisationServerId string(uuid) Required

    The authorisation server Id

    Maximum length is 40. Format should match the following pattern: ^[^<>]*$.

  • ssoConfigurationId string(uuid) Required

    The unique identifier representing a given SSO configuration of an authorisation server

application/json

Body

  • AdditionalScopeValues string

    Additional space-separated scope values that will be requested alongside the default of openid, email and profile

    Maximum length is 255. Default value is empty.

  • AuthenticationPolicies array[string] Required

    List of sign-in policies that are applied during authentication

    Values are CLICK_TO_ACCEPT_TERMS, ESIGNATURE_TERMS, RECOVERY_CODES, TWO_FACTOR, or VERIFY_EMAIL_AND_MOBILE.

  • ClientID string Required

    The Client ID to be used by the Raidiam IDP to retrieve identity claims from the external IDP used for SSO

    Maximum length is 255.

  • GroupClaim string Required

    The name of the claim in the ID Token returned by the external IDP containing the list of user group identifiers

    Maximum length is 60.

  • GroupClaimPath string

    Valid JSON Path indicating the location in the ID Token of the group claim

    Maximum length is 255. Format should match the following pattern: ^\$[.\[].*. Default value is "$.".

  • RestrictedDomains array[string] Required

    List of email domains that will be forced to use this IDP for SSO

    Not more than 10 elements. Maximum length of each is 255. Format of each should match the following pattern: ^\S*$.

  • SupportedDomains array[string] Required

    List of email domains that will have the option to use this IDP for SSO

    Not more than 10 elements. Maximum length of each is 255. Format of each should match the following pattern: ^\S*$.
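
A pre-flight check for the body fields documented above, plus a helper that formats the x-fapi-auth-date header value. This is an added example, not Raidiam's code; the function names and the sample body values are assumptions made for illustration.

```python
from datetime import timezone
from email.utils import format_datetime
import re

# Constraints copied from the field descriptions on this page.
POLICIES = {"CLICK_TO_ACCEPT_TERMS", "ESIGNATURE_TERMS", "RECOVERY_CODES",
            "TWO_FACTOR", "VERIFY_EMAIL_AND_MOBILE"}
GROUP_PATH_RE = re.compile(r"^\$[.\[].*")
DOMAIN_RE = re.compile(r"^\S*$")
REQUIRED = ("AuthenticationPolicies", "ClientID", "GroupClaim",
            "RestrictedDomains", "SupportedDomains")
MAX_LEN = {"AdditionalScopeValues": 255, "ClientID": 255,
           "GroupClaim": 60, "GroupClaimPath": 255}
# Constructed sample body; every value is illustrative.
SAMPLE = {"AuthenticationPolicies": ["TWO_FACTOR"],
          "ClientID": "example-client-id",
          "GroupClaim": "groups", "GroupClaimPath": "$.groups",
          "RestrictedDomains": ["example.com"],
          "SupportedDomains": ["example.org"]}


def fapi_auth_date(when):
    """Format an aware datetime as 'Sun, 10 Sep 2017 19:43:31 GMT'."""
    return format_datetime(when.astimezone(timezone.utc), usegmt=True)


def validate_body(body):
    """Return a list of violations of the documented body constraints."""
    errors = [f"{k}: required" for k in REQUIRED if k not in body]
    for key, limit in MAX_LEN.items():
        val = body.get(key)
        if val is not None and (not isinstance(val, str) or len(val) > limit):
            errors.append(f"{key}: must be a string of at most {limit} chars")
    unknown = set(body.get("AuthenticationPolicies", [])) - POLICIES
    if unknown:
        errors.append(f"AuthenticationPolicies: unknown {sorted(unknown)}")
    # fullmatch, because Python's `$` also matches before a trailing
    # newline; this is slightly stricter than the documented patterns.
    path = body.get("GroupClaimPath", "$.")
    if isinstance(path, str) and not GROUP_PATH_RE.fullmatch(path):
        errors.append("GroupClaimPath: must start with '$.' or '$['")
    for key in ("RestrictedDomains", "SupportedDomains"):
        domains = body.get(key, [])
        if len(domains) > 10:
            errors.append(f"{key}: more than 10 elements")
        errors += [f"{key}: invalid entry {d!r}" for d in domains
                   if len(d) > 255 or not DOMAIN_RE.fullmatch(d)]
    return errors
```

The documented domain pattern ^\S*$ only excludes whitespace, so an empty string or a value with a leading "@" passes this check; review RestrictedDomains entries by eye before submitting, since they decide which users are forced onto the external IDP.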

Responses

  • 201 application/json

    A single SSO configuration version for a given authorisation server's SSO configuration

    Headers
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

    Response attributes (object)

    SSO Configuration Version for a given IDP SSO configuration

    • AdditionalScopeValues string

      Additional space-separated scope values that will be requested alongside the default of openid, email and profile

      Maximum length is 255. Default value is empty.

    • AuthenticationPolicies array[string] Required

      List of sign-in policies that are applied during authentication

      Values are CLICK_TO_ACCEPT_TERMS, ESIGNATURE_TERMS, RECOVERY_CODES, TWO_FACTOR, or VERIFY_EMAIL_AND_MOBILE.

    • ClientID string Required

      The Client ID to be used by the Raidiam IDP to retrieve identity claims from the external IDP used for SSO

      Maximum length is 255.

    • GroupClaim string Required

      The name of the claim in the ID Token returned by the external IDP containing the list of user group identifiers

      Maximum length is 60.

    • GroupClaimPath string

      Valid JSON Path indicating the location in the ID Token of the group claim

      Maximum length is 255. Format should match the following pattern: ^\$[.\[].*. Default value is "$.".

    • RestrictedDomains array[string] Required

      List of email domains that will be forced to use this IDP for SSO

      Not more than 10 elements. Maximum length of each is 255. Format of each should match the following pattern: ^\S*$.

    • SupportedDomains array[string] Required

      List of email domains that will have the option to use this IDP for SSO

      Not more than 10 elements. Maximum length of each is 255. Format of each should match the following pattern: ^\S*$.

    • Status string Required

      The status of a resource that has an approval flow

      Format should match the following pattern: ^[^<>]*$. Values are Active, Assignable, Pending, Rejected, or Inactive.

    • CreatedAt string(date-time)
    • ID string(uuid)

      Unique identifier of the given OpenID Connect Provider's SSO Configuration

    • SsoConfigurationID string(uuid)

      Unique identifier of the given OpenID Connect Provider's SSO Configuration

    • UpdatedAt string(date-time)
    • Version integer(int16)

      Version number of the SSO configuration

  • 400 application/json

    Bad Request

    Headers
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

    Response attribute (object)
    • errors array[string]

      Validation Error messages

  • 401

    Unauthorized

    Headers
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 403

    Forbidden

    Headers
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 429

    Too many requests, maximum capacity reached. Requests are now throttled.

    Headers
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 500

    Internal Server Error

    Headers
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 502

    Bad Gateway

    Headers
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 504

    Upstream timeout, insufficient capacity to serve request. More capacity being brought online. Please try again.

    Headers
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

POST /organisations/{OrganisationId}/authorisationservers/{AuthorisationServerId}/sso-configuration/{ssoConfigurationId}/versions
curl \
 --request POST 'https://matls-api.sandbox.raidiam.io/organisations/{OrganisationId}/authorisationservers/{AuthorisationServerId}/sso-configuration/{ssoConfigurationId}/versions' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --header "x-fapi-auth-date: string" \
 --header "x-fapi-customer-ip-address: string" \
 --header "x-fapi-interaction-id: string" \
 --header "x-customer-user-agent: string" \
 --data '{"AdditionalScopeValues":"","AuthenticationPolicies":["CLICK_TO_ACCEPT_TERMS"],"ClientID":"string","GroupClaim":"string","GroupClaimPath":"$.","RestrictedDomains":["string"],"SupportedDomains":["string"]}'
Request examples
# Headers
x-fapi-auth-date: string
x-fapi-customer-ip-address: string
x-fapi-interaction-id: string
x-customer-user-agent: string

# Payload
{
  "AdditionalScopeValues": "",
  "AuthenticationPolicies": [
    "CLICK_TO_ACCEPT_TERMS"
  ],
  "ClientID": "string",
  "GroupClaim": "string",
  "GroupClaimPath": "$.",
  "RestrictedDomains": [
    "string"
  ],
  "SupportedDomains": [
    "string"
  ]
}
Response examples (201)
# Headers
x-fapi-interaction-id: 73cac523-d3ae-2289-b106-330a6218710d

# Payload
{
  "AdditionalScopeValues": "",
  "AuthenticationPolicies": [
    "CLICK_TO_ACCEPT_TERMS"
  ],
  "ClientID": "string",
  "GroupClaim": "string",
  "GroupClaimPath": "$.",
  "RestrictedDomains": [
    "string"
  ],
  "SupportedDomains": [
    "string"
  ],
  "Status": "Active",
  "CreatedAt": "2025-05-04T09:42:00Z",
  "ID": "string",
  "SsoConfigurationID": "string",
  "UpdatedAt": "2025-05-04T09:42:00Z",
  "Version": 42
}
Response examples (400)
# Headers
x-fapi-interaction-id: 73cac523-d3ae-2289-b106-330a6218710d

# Payload
{
  "errors": [
    "string"
  ]
}