Update SAML Connection by Metadata URL

PUT
https://test.stytch.com/v1/b2b/sso/saml/{organization_id}/connections/{connection_id}/url

Used to update an existing SAML connection using an IDP metadata URL.

A newly created connection will not become active until all the following are provided:


Path parameters


organization_idstring

Globally unique UUID that identifies a specific Organization. The organization_id is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.


connection_idstring

Globally unique UUID that identifies a specific SSO connection_id for a Member.


Body parameters


metadata_url*string

A URL that points to the IdP metadata. This will be provided by the IdP.


Header parameters


X-Stytch-Member-Sessionstring

The secret token for a Member Session that should be used to perform an authorization check for this endpoint. If neither session header is passed, no authorization check will be performed. If one is passed, we will check that the Member Session contains a Role that satisfies the permission needed to call this endpoint. If it does not, or if the Member's Organization does not match the organization_id passed in the request, a 403 error will be thrown. Otherwise, the request will proceed as normal.


X-Stytch-Member-SessionJWTstring

The JSON Web Token (JWT) for a Member Session that should be used to perform an authorization check for this endpoint. If neither session header is passed, no authorization check will be performed. If one is passed, we will check that the Member Session contains a Role that satisfies the permission needed to call this endpoint. If it does not, or if the Member's Organization does not match the organization_id passed in the request, a 403 error will be thrown. Otherwise, the request will proceed as normal.


Response fields


status_codeint

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.


request_idstring

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.


connectionobject

The SAML Connection object affected by this API call. See the SAML Connection Object for complete response field details.

const stytch = require('stytch');

const client = new stytch.B2BClient({
  project_id: 'PROJECT_ID',
  secret: 'SECRET',
});

const params = {
  organization_id: "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
  connection_id: "saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
  metadata_url: "https://idp.example.com/app/51861cbc-d3b9-428b-9761-227f5fb12be9/sso/saml/metadata",
};

const options = {
  authorization: {
    session_token: 'mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q',
  },
};

client.sso.saml.updateByURL(params, options)
  .then(resp => { console.log(resp) })
  .catch(err => { console.log(err) });
RESPONSE 200
{
  "connection": {
		"acs_url": "https://test.stytch.com/v1/b2b/sso/callback/saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"alternative_acs_url": "",
		"attribute_mapping": {
			"email": "email",
			"full_name": "name"
		},
		"audience_uri":  "https://test.stytch.com/v1/b2b/sso/callback/saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"connection_id": "saml-connection-test-51861cbc-d3b9-428b-9761-227f5fb12be9",
		"display_name": "Example SAML Connection",
		"idp_entity_id": "https://idp.example.com/51861cbc-d3b9-428b-9761-227f5fb12be9",
		"idp_sso_url": "https://idp.example.com/51861cbc-d3b9-428b-9761-227f5fb12be9/sso/saml",
		"nameid_format": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
		"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
		"signing_certificates": [
			{
				"certificate": "-----BEGIN CERTIFICATE-----\n...base64 blob...\n-----END CERTIFICATE",
				"created_at": "2023-01-01T00:00:00Z",
				"expires_at": "2033-01-01T00:00:00Z",
				"id": "",
				"issuer": "Stytch"
			}
		],
		"identity_provider": "generic",
		"status": "active",
		"verification_certificates": [
			{
				"certificate": "-----BEGIN CERTIFICATE-----\n...base64 blob...\n-----END CERTIFICATE",
				"created_at": "2023-01-01T00:00:00Z",
				"expires_at": "2033-01-01T00:00:00Z",
				"id": "saml-verification-key-test-5ccbc642-9373-42b8-928f-c1646c868701",
				"issuer": ""
			}
		],
		"idp_initiated_auth_disabled": false
	},
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200
}
RESPONSE 401
{
  "status_code": 401,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "error_type": "unauthorized_credentials",
  "error_message": "Unauthorized credentials.",
  "error_url": "https://stytch.com/docs/api/errors/401"
}
RESPONSE 429
{
  "status_code": 429,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "error_type": "too_many_requests",
  "error_message": "Too many requests have been made.",
  "error_url": "https://stytch.com/docs/api/errors/429"
}
RESPONSE 500
{
  "status_code": 500,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "error_type": "internal_server_error",
  "error_message": "Oops, something seems to have gone wrong, please reach out to support@stytch.com to let us know what went wrong.",
  "error_url": "https://stytch.com/docs/api/errors/500"
}

Common Error Types