Create SAML Connection

POSThttps://test.stytch.com/v1/b2b/sso/saml/{organization_id}

Create a new SAML Connection.

Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you pass in a header containing a session_token or a session_jwt for an unexpired Member Session, we will check that the Member Session has permission to perform the create action on the stytch.sso Resource.

If the Member Session does not contain a Role that satisfies the requested permission, or if the Member's Organization does not match the organization_id passed in the request, a 403 error will be thrown. Otherwise, the request will proceed as normal.

To learn more about our RBAC implementation, see our RBAC guide.


Path parameters


organization_id*string

Body parameters


display_namestring

identity_providerstring

Header parameters


X-Stytch-Member-Sessionstring

X-Stytch-Member-SessionJWTstring

Response fields


status_codeint

request_idstring

connectionobject
curl --request POST \
  --url https://test.stytch.com/v1/b2b/sso/saml/organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931 \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -H "X-Stytch-Member-Session: mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q" \
  -d '{
    "display_name": "Example SAML connection"
  }'

RESPONSE

200
{
	"connection": {
		"acs_url":  "https://test.stytch.com/v1/b2b/sso/callback/saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"attribute_mapping": {
			"email": "email",
			"full_name": "name",
		},
		"audience_uri":  "https://test.stytch.com/v1/b2b/sso/callback/saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"alternative_audience_uri": "",
		"connection_id": "saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"display_name": "",
		"idp": "",
		"idp_entity_id": "",
		"idp_sso_url": "",
		"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
		"signing_certificates": [
			{
				"certificate": "-----BEGIN CERTIFICATE-----\n...base64 blob...\n-----END CERTIFICATE",
				"id": "",
				"created_at": "2023-01-01T00:00:00Z",
				"expires_at": "2033-01-01T00:00:00Z",
				"issuer": "Stytch"
			}
		],
		"status": "pending",
		"verification_certificates": [],
		"identity_provider": "generic"
	},
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200
}