Skip to content
API Reference
/
/
Updates an SSO provider

Aritma IAM API (V1)

An API for interacting with the identity and access management system of Aritma.

Download OpenAPI description
iam-openapi.json
iam-openapi.yaml
Overview
URL
https://aritma.com/contact
Languages
Servers
Mock server
https://developer.aritma.com/_mock/apis/platform/iam/openapi/iam-openapi
IAM API
https://api.dev.aritma.io/core/iam

Actions

Actions related to IAM actions

Operations

Client

Actions related to clients in Aritma ID

Operations

Domains

Actions related to domains registered for the tenant, and their verification status

Operations

Me

Actions listing information about the currently authenticated user

Operations

Policies

Actions related to IAM policies

Operations

Role

Actions related to Aritma ID roles

Operations

Scim

Actions related to SCIM tokens

Operations

Scope

Actions related to scopes in Aritma ID

Operations

SSO

Actions common for all SSO providers

Operations

SSO - Azure AD (Entra ID)

Actions relating to AzureAd as an SSO provider

Operations

SSO - Custom Providers

Actions relating to custom SSO providers

Operations

SSO - Google

Actions relating to Google as an SSO provider

Operations

SSO - Signicat

Actions relating to Signicat as an SSO provider

Operations

Creates a new SSO provider

Request

Security
authorization_code_with_pkce(Required scopes:
services.iam
) or client_credentials(Required scopes:
services.iam
)
Bodyapplication/json
schemestringrequired

The scheme name for the provider

displayNamestringrequired

The display name of the provider

enabledbooleanrequired

Whether or not the provider is enabled

typestringrequired

The type of identityprovider

Value"oidc"
propertiesobjectrequired

The properties that defines the behavior of this provider, dependent on which provider that is used, see json schemas for more details

loginEnabledbooleanrequired

Whether users can log in via this provider.

Example: true
visiblebooleanrequired

Whether this provider is shown on the login page.

Example: true
delegationEnabledbooleanrequired

Whether delegation is permitted via this provider.

Example: false
autoProvisioningEnabledbooleanrequired

Whether users are automatically provisioned on first login via this provider.

Example: true
clientIdstringrequired

The OAuth 2.0 client ID registered with the identity provider.

Example: "my-client-id"
clientSecretstring or null

The OAuth 2.0 client secret. Leave null for public clients using PKCE.

Example: "my-client-secret"
verifyEnabledbooleanrequired

Whether to verify user identity on each login.

Example: false
authoritystringrequired

The Signicat authority URL for your environment.

Example: "https://yourorg.signicat.com/auth/open"
methodstringrequired

The electronic ID method to enforce for authentication.

Enum"None""BankId""MitId""SBID"
Example: "BankId"
application/json
{
  "scheme": "string",
  "displayName": "string",
  "enabled": true,
  "type": "oidc",
  "properties": {
    "loginEnabled": true,
    "visible": true,
    "delegationEnabled": false,
    "autoProvisioningEnabled": true,
    "clientId": "my-client-id",
    "clientSecret": "my-client-secret",
    "verifyEnabled": false,
    "authority": "https://yourorg.signicat.com/auth/open",
    "method": "BankId"
  }
}

Responses

Created

Bodyapplication/jsonArray [
relstringrequired

The link relation type (e.g. self, update, delete).

Example: "self"
hrefstring or null

The URL of the related action.

Example: "/v0/sso/custom/1"
methodobjectrequired

The HTTP method to use when calling this link.

Example: "GET"
methodstringrequired
]
Response
application/json
[
  {
    "rel": "self",
    "href": "/v0/sso/custom/1",
    "method": "GET"
  }
]

Gets an SSO provider by id

Request

Security
authorization_code_with_pkce(Required scopes:
services.iam
) or client_credentials(Required scopes:
services.iam
)
Path
idinteger(int32)required
No request payload

Responses

OK

Bodyapplication/json
idinteger(int32)required

The internal identifier of the identity provider.

Example: 1
schemestringrequired

The unique authentication scheme name used to identify this provider.

Example: "azure-ad"
displayNamestringrequired

The human-readable name shown to users on the login page.

Example: "Our Azure AD"
enabledbooleanrequired

Indicates whether this provider is currently active and available for login.

Example: true
providerNamestringrequired

The provider type name (e.g. Azure, Google, Signicat, Custom).

Example: "Azure"
typestringrequired

The protocol type of the provider (e.g. oidc, saml2p).

Example: "oidc"
propertiesobjectrequired

Provider-specific configuration properties.

loginEnabledbooleanrequired

Whether users can log in via this provider.

Example: true
visiblebooleanrequired

Whether this provider is shown on the login page.

Example: true
delegationEnabledbooleanrequired

Whether delegation is permitted via this provider.

Example: false
autoProvisioningEnabledbooleanrequired

Whether users are automatically provisioned on first login via this provider.

Example: true
clientIdstringrequired

The OAuth 2.0 client ID registered with the identity provider.

Example: "my-client-id"
clientSecretstring or null

The OAuth 2.0 client secret. Leave null for public clients using PKCE.

Example: "my-client-secret"
verifyEnabledbooleanrequired

Whether to verify user identity on each login.

Example: false
authoritystringrequired

The Signicat authority URL for your environment.

Example: "https://yourorg.signicat.com/auth/open"
methodstringrequired

The electronic ID method to enforce for authentication.

Enum"None""BankId""MitId""SBID"
Example: "BankId"
Response
application/json
{
  "id": 1,
  "scheme": "azure-ad",
  "displayName": "Our Azure AD",
  "enabled": true,
  "providerName": "Azure",
  "type": "oidc",
  "properties": {
    "loginEnabled": true,
    "visible": true,
    "delegationEnabled": false,
    "autoProvisioningEnabled": true,
    "clientId": "my-client-id",
    "clientSecret": "my-client-secret",
    "verifyEnabled": false,
    "authority": "https://yourorg.signicat.com/auth/open",
    "method": "BankId"
  }
}

Updates an SSO provider

Request

Security
authorization_code_with_pkce(Required scopes:
services.iam
) or client_credentials(Required scopes:
services.iam
)
Path
idinteger(int32)required
Bodyapplication/json
idinteger(int32)required

The id of the identityprovider

schemestringrequired

The scheme name for the provider

displayNamestringrequired

The display name of the provider

enabledbooleanrequired

Whether or not the provider is enabled

typestringrequired

The type of identityprovider

Value"oidc"
propertiesobjectrequired

The properties that defines the behavior of this provider, dependent on which provider that is used, see json schemas for more details

loginEnabledbooleanrequired

Whether users can log in via this provider.

Example: true
visiblebooleanrequired

Whether this provider is shown on the login page.

Example: true
delegationEnabledbooleanrequired

Whether delegation is permitted via this provider.

Example: false
autoProvisioningEnabledbooleanrequired

Whether users are automatically provisioned on first login via this provider.

Example: true
clientIdstringrequired

The OAuth 2.0 client ID registered with the identity provider.

Example: "my-client-id"
clientSecretstring or null

The OAuth 2.0 client secret. Leave null for public clients using PKCE.

Example: "my-client-secret"
verifyEnabledbooleanrequired

Whether to verify user identity on each login.

Example: false
authoritystringrequired

The Signicat authority URL for your environment.

Example: "https://yourorg.signicat.com/auth/open"
methodstringrequired

The electronic ID method to enforce for authentication.

Enum"None""BankId""MitId""SBID"
Example: "BankId"
application/json
{
  "id": 0,
  "scheme": "string",
  "displayName": "string",
  "enabled": true,
  "type": "oidc",
  "properties": {
    "loginEnabled": true,
    "visible": true,
    "delegationEnabled": false,
    "autoProvisioningEnabled": true,
    "clientId": "my-client-id",
    "clientSecret": "my-client-secret",
    "verifyEnabled": false,
    "authority": "https://yourorg.signicat.com/auth/open",
    "method": "BankId"
  }
}

Responses

OK

Response
No content

Deletes an SSO provider by id

Request

Security
authorization_code_with_pkce(Required scopes:
services.iam
) or client_credentials(Required scopes:
services.iam
)
Path
idinteger(int32)required

The numeric identifier of the SSO provider to delete.

No request payload

Responses

OK

Response
No content

Subjects

Actions related to IAM subjects

Operations

User

Actions related to Aritma ID users

Operations