Add a new trusted OpenID Connect Identity Provider to a Realm

post

https://Use API Lookup for a base URL/realms/{realm}/identityProviders

Add a new trusted Identity Provider to a Realm.
Currently, only OAuth 2.0/OpenID Connect Providers can be used.

NOTE: You can create a maximum of 5 Identity Providers in a Realm.

Access Control:

The calling principal must have either "manageIdentityProviders" action permission for the resource "{realm}" in the "account" service.
The calling principal MUST NOT include a project scope.

Path Params

realm

string

required

HRN identifying the Realm. You can also use the shorthand "me" to refer to the Realm HRN indicated by your access token context.

Body Params

string

required

Unique identifier the Identity Provider within a Realm

name

string

User-friendly name for the Identity Provider

description

string

Detailed text description of the Identity Provider

issuers

array of objects

issuers

accountType

string

enum

Defaults to device

Always "device" for now. Reserved for future use, new account types may be added in the future.

Allowed:

enabled

boolean

Defines if the Identity Provider is enabled

Headers

X-Request-ID

string

The unique for the request, used to track this request within the service. X-Request-ID value is NOT propagated to the downstream services.

X-Correlation-ID

string

Correlates HTTP requests between a client and server. If not present in the incoming request, it will be generated. This header and value will be included in all loglines including access logs. It will also be propagated to downstream services and returned in the response.

Responses

200OK

400Bad Request. E110000 - Missing required field, etc.

401Missing or invalid Authorization header.

403An error has occurred. E110000 - Subject does not have the required "manageIdentityProviders" access to the Realm.

422An error has occurred. E110000 - Maximum number of Identity Providers exceeded for the Realm. The maximum is 10.