Multi-tenancy authentication API reference - update oidc connection

Update OIDC Connection

PUThttps://test.stytch.com/v1/b2b/sso/oidc/{organization_id}/connections/{connection_id}

Updates an existing OIDC connection.

When the value of issuer changes, Stytch will attempt to retrieve the OpenID Provider Metadata document found at ${issuer}/.well-known/openid-configuration. If the metadata document can be retrieved successfully, Stytch will use it to infer the values of authorization_url, token_url, jwks_url, and userinfo_url. The client_id and client_secret values cannot be inferred from the metadata document, and must be passed in explicitly.

If the metadata document cannot be retrieved, Stytch will still update the connection using values from the request body.

If the metadata document can be retrieved, and values are passed in the request body, the explicit values passed in from the request body will take precedence over the values inferred from the metadata document.

Note that a newly created connection will not become active until all of the following fields are provided:

issuer
client_id
client_secret
authorization_url
token_url
userinfo_url
jwks_url

RBAC Enforced API

When a Member Session is passed in the Authorization headers, Stytch will enforce that the Member has permission to take the update Action on the stytch.sso Resource prior to honoring the request.

To learn more, see our RBAC guide.

Path parameters

organization_id* string

connection_id* string

Body parameters

display_name string

issuer string

client_id string

client_secret string

authorization_url string

token_url string

userinfo_url string

jwks_url string

identity_provider string

Header parameters

X-Stytch-Member-Session string

X-Stytch-Member-SessionJWT string

Response fields

request_id string

status_code int

connection object

warning string

curl --request PUT \
  --url https://test.stytch.com/v1/b2b/sso/oidc/organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931/connections/oidc-connection-test-b6c714c2-7413-4b92-a0f1-97aa1085aeff \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -H "X-Stytch-Member-Session: mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q" \
  -d '{
    "client_id": "s6BhdRkqt3",
    "client_secret": "SeiGwdj5lKkrEVgcEY3QNJXt6srxS3IK2Nwkar6mXD4="
  }'

RESPONSE

{
  "connection": {
    "organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
    "connection_id": "oidc-connection-test-b6c714c2-7413-4b92-a0f1-97aa1085aeff",
    "display_name": "Example OIDC Connection",
    "redirect_url": "https://test.stytch.com/v1/b2b/sso/callback/oidc-connection-test-b6c714c2-7413-4b92-a0f1-97aa1085aeff"
    "status": "active",
    "issuer": "https://idp.example.com/",
    "client_id": "s6BhdRkqt3",
    "client_secret": "SeiGwdj5lKkrEVgcEY3QNJXt6srxS3IK2Nwkar6mXD4=",
    "authorization_url": "https://idp.example.com/authorize"
    "token_url": "https://idp.example.com/oauth2/token"
    "userinfo_url": "https://idp.example.com/userinfo"
    "jwks_url": "https://idp.example.com/oauth2/jwks",
    "identity_provider": "generic"
    },
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "status_code": 200
}

Update OIDC Connection

Body parameters

Header parameters

Response fields

Common Error Types