Skip to main content
PUT
/
v1
/
b2b
/
sso
/
external
/
{organization_id}
/
connections
/
{connection_id}
C#
// PUT /v1/b2b/sso/external/{organization_id}/connections/{connection_id}
const stytch = require('stytch');

const client = new stytch.B2BClient({
  project_id: '${projectId}',
  secret: '${secret}',
});

const params = {
  organization_id: "${organizationId}",
  connection_id: "${externalConnectionId}",
};

const options = {
  authorization: {
    session_token: '${sessionToken}',
  },
};

client.SSO.External.UpdateConnection(params, options)
  .then(resp => { console.log(resp) })
  .catch(err => { console.log(err) });
{
  "request_id": "<string>",
  "status_code": 123,
  "connection": {
    "organization_id": "<string>",
    "connection_id": "<string>",
    "external_organization_id": "<string>",
    "external_connection_id": "<string>",
    "display_name": "<string>",
    "status": "<string>",
    "external_connection_implicit_role_assignments": [
      {
        "role_id": "<string>"
      }
    ],
    "external_group_implicit_role_assignments": [
      {
        "role_id": "<string>",
        "group": "<string>"
      }
    ]
  }
}
RBAC Enforced APIIf a Member Session is passed in the Authorization headers, Stytch will enforce that the Member has permission to take the Action on the Resource prior to honoring the request.To learn more, see the RBAC guide.

Authorizations

Authorization
string
header
required

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password.

Headers

X-Stytch-Member-Session
string

A Stytch session that can be used to run the request with the given member's permissions.

X-Stytch-Member-SessionJWT
string

A Stytch Session JSON Web Token (JWT) that can be used to run the request with the given member's permissions.

Path Parameters

organization_id
string
required

Globally unique UUID that identifies a specific Organization. The organization_id is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.

connection_id
string
required

Globally unique UUID that identifies a specific External SSO Connection.

Body

application/json

Request type

display_name
string

A human-readable display name for the connection.

external_connection_implicit_role_assignments
object[]

All Members who log in with this External connection will implicitly receive the specified Roles. See the RBAC guide for more information about role assignment. Implicit role assignments are not supported for External connections if the underlying SSO connection is an OIDC connection.

external_group_implicit_role_assignments
object[]

Defines the names of the groups that grant specific role assignments. For each group-Role pair, if a Member logs in with this external connection and belongs to the specified group, they will be granted the associated Role. See the RBAC guide for more information about role assignment. Before adding any group implicit role assignments to an external connection, you must add a "groups" key to the underlying SAML connection's attribute_mapping. Make sure that the SAML connection IdP is configured to correctly send the group information. Implicit role assignments are not supported for External connections if the underlying SSO connection is an OIDC connection.

Response

Successful response

request_id
string
required

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.

status_code
integer<int32>
required

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.

connection
object