Multi-tenancy authentication API reference - update saml connection url

Update SAML Connection by Metadata URL

PUThttps://test.stytch.com/v1/b2b/sso/saml/{organization_id}/connections/{connection_id}/url

Used to update an existing SAML connection using an IDP metadata URL.

A newly created connection will not become active until all the following are provided:

idp_sso_url
idp_entity_id
x509_certificate
attribute_mapping (must be supplied using Update SAML Connection)

Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you pass in a header containing a session_token or a session_jwt for an unexpired Member Session, we will check that the Member Session has permission to perform the update action on the stytch.sso Resource.

If the Member Session does not contain a Role that satisfies the requested permission, or if the Member's Organization does not match the organization_id passed in the request, a 403 error will be thrown. Otherwise, the request will proceed as normal.

To learn more about our RBAC implementation, see our RBAC guide.

Path parameters

organization_id string

connection_id string

Body parameters

metadata_url string

Header parameters

X-Stytch-Member-Session string

X-Stytch-Member-SessionJWT string

Response fields

status_code int

request_id string

connection object

curl --request PUT \
	--url https://test.stytch.com/v1/b2b/sso/saml/organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931/connections/saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9/url \
	-u 'PROJECT_ID:SECRET' \
	-H 'Content-Type: application/json' \
	-d '{
		"metadata_url": "https://idp.example.com/app/51861cbc-d3b9-428b-9761-227f5fb12be9/sso/saml/metadata"
	}'

RESPONSE

{
  "connection": {
		"acs_url": "https://test.stytch.com/v1/b2b/sso/callback/saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"attribute_mapping": {
			"email": "email",
			"full_name": "name"
		},
		"audience_uri":  "https://test.stytch.com/v1/b2b/sso/callback/saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"connection_id": "saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"display_name": "Example SAML Connection",
		"idp_entity_id": "https://idp.example.com/51861cbc-d3b9-428b-9761-227f5fb12be9",
		"idp_sso_url": "https://idp.example.com/51861cbc-d3b9-428b-9761-227f5fb12be9/sso/saml",
		"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
		"signing_certificates": [
			{
				"certificate": "-----BEGIN CERTIFICATE-----\n...base64 blob...\n-----END CERTIFICATE",
				"created_at": "2023-01-01T00:00:00Z",
				"expires_at": "2033-01-01T00:00:00Z",
				"id": "",
				"issuer": "Stytch"
			}
		],
		"status": "active",
		"verification_certificates": [
			{
				"certificate": "-----BEGIN CERTIFICATE-----\n...base64 blob...\n-----END CERTIFICATE",
				"created_at": "2023-01-01T00:00:00Z",
				"expires_at": "2033-01-01T00:00:00Z",
				"id": "saml-verification-key-test-5ccbc642-9373-42b8-928f-c1646c868701",
				"issuer": ""
			}
		]
	},
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200
}