Create a SAML identity provider

post

https://Use API Lookup for a base URL/realms/{realm}/samlIdentityProviders

Create an identity provider

Supports the creation of SAML identity providers.
Addition of identity providers will not enable them by default, it needs to be enabled explicitly.

Access Control:

The calling principal must have "manageSamlIdentityProviders" action permission for the resource "{realm}" in the "account" service.
The calling principal MUST NOT include a project scope.

Path Params

realm

string

required

HRN identifying the Realm. You can also use the shorthand "me" to refer to the Realm HRN indicated by your access token context.

Query Params

validateOnly

boolean

If set to true, only metadata content will be validated and SAML identity provider creation will be skipped. By default, false.

Body Params

name

string

required

IdP's display name.

identityProviderTemplateId

string

required

Identity provider (okta/entra/generic).

metadataContent

string

required

Base-64 encoded metadata xml content.

metadataSource

string

Path to the IdP metadata file (file path or URL).

entityId

string

Issuer Id provided for the IdP. This will be extracted from the metadata if not provided.

ssoLoginUrl

string

Headers

X-Correlation-ID

string

Correlates HTTP requests between a client and server. If not present in the incoming request, it will be generated. This header and value will be included in all loglines including access logs. It will also be propagated to downstream services and returned in the response.

X-Request-ID

string

The unique for the request, used to track this request within the service. X-Request-ID value is NOT propagated to the downstream services.

Responses

200Ok. When validateOnly query parameter is set to true.

201Created

400Invalid input provided, see error response for details

401Access is denied due to invalid credentials

403You do not have permission to perform this action

404The requested resource was not found, see error response for details