Package com.okta.sdk.resource.api

Class IdentityProviderApi

java.lang.Object
com.okta.sdk.resource.api.IdentityProviderApi
@Generated(value="org.openapitools.codegen.languages.JavaClientCodegen", date="2024-09-23T16:19:57.008753975Z[Etc/UTC]", comments="Generator version: 7.8.0") public class IdentityProviderApi extends Object

  • Constructor Details

    • IdentityProviderApi

      public IdentityProviderApi()

    • IdentityProviderApi

      public IdentityProviderApi(ApiClient apiClient)

  • Method Details

    • getApiClient

      public ApiClient getApiClient()

    • setApiClient

      public void setApiClient(ApiClient apiClient)

    • activateIdentityProvider

      public IdentityProvider activateIdentityProvider(String idpId) throws ApiException
      Activate an Identity Provider Activates an inactive IdP
      Parameters:
      idpId - `id` of IdP (required)
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • activateIdentityProvider

      public IdentityProvider activateIdentityProvider(String idpId, Map<String,String> additionalHeaders) throws ApiException
      Activate an Identity Provider Activates an inactive IdP
      Parameters:
      idpId - `id` of IdP (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • createIdentityProvider

      public IdentityProvider createIdentityProvider(IdentityProvider identityProvider) throws ApiException
      Create an Identity Provider Creates a new Identity Provider integration. #### SAML 2.0 Identity Provider You must first add the IdP's signature certificate to the IdP key store before you can add a SAML 2.0 IdP with a `kid` credential reference. Don't use `fromURI` to automatically redirect a user to a particular app after successfully authenticating with a third-party IdP. Instead, use SAML deep links. Using `fromURI` isn't tested or supported. For more information about using deep links when signing users in using an SP-initiated flow, see [Understanding SP-Initiated Login flow](https://developer.okta.com/docs/concepts/saml/#understanding-sp-initiated-login-flow). Use SAML deep links to automatically redirect the user to an app after successfully authenticating with a third-party IdP. To use deep links, assemble these three parts into a URL: * SP ACS URL<br> For example: `https://${yourOktaDomain}/sso/saml2/:idpId` * The app to which the user is automatically redirected after successfully authenticating with the IdP <br> For example: `/app/:app-location/:appId/sso/saml` * Optionally, if the app is an outbound SAML app, you can specify the `relayState` passed to it.<br> For example: `?RelayState=:anyUrlEncodedValue` The deep link for the above three parts is:<br> `https://${yourOktaDomain}/sso/saml2/:idpId/app/:app-location/:appId/sso/saml?RelayState=:anyUrlEncodedValue` #### Smart Card X509 Identity Provider You must first add the IdP's server certificate to the IdP key store before you can add a Smart Card `X509` IdP with a `kid` credential reference. You need to upload the whole trust chain as a single key using the [Key Store API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderKeys/#tag/IdentityProviderKeys/operation/createIdentityProviderKey). Depending on the information stored in the smart card, select the proper [template](https://developer.okta.com/docs/reference/okta-expression-language/#idp-user-profile) `idpuser.subjectAltNameEmail` or `idpuser.subjectAltNameUpn`.
      Parameters:
      identityProvider - IdP settings (required)
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • createIdentityProvider

      public IdentityProvider createIdentityProvider(IdentityProvider identityProvider, Map<String,String> additionalHeaders) throws ApiException
      Create an Identity Provider Creates a new Identity Provider integration. #### SAML 2.0 Identity Provider You must first add the IdP's signature certificate to the IdP key store before you can add a SAML 2.0 IdP with a `kid` credential reference. Don't use `fromURI` to automatically redirect a user to a particular app after successfully authenticating with a third-party IdP. Instead, use SAML deep links. Using `fromURI` isn't tested or supported. For more information about using deep links when signing users in using an SP-initiated flow, see [Understanding SP-Initiated Login flow](https://developer.okta.com/docs/concepts/saml/#understanding-sp-initiated-login-flow). Use SAML deep links to automatically redirect the user to an app after successfully authenticating with a third-party IdP. To use deep links, assemble these three parts into a URL: * SP ACS URL<br> For example: `https://${yourOktaDomain}/sso/saml2/:idpId` * The app to which the user is automatically redirected after successfully authenticating with the IdP <br> For example: `/app/:app-location/:appId/sso/saml` * Optionally, if the app is an outbound SAML app, you can specify the `relayState` passed to it.<br> For example: `?RelayState=:anyUrlEncodedValue` The deep link for the above three parts is:<br> `https://${yourOktaDomain}/sso/saml2/:idpId/app/:app-location/:appId/sso/saml?RelayState=:anyUrlEncodedValue` #### Smart Card X509 Identity Provider You must first add the IdP's server certificate to the IdP key store before you can add a Smart Card `X509` IdP with a `kid` credential reference. You need to upload the whole trust chain as a single key using the [Key Store API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderKeys/#tag/IdentityProviderKeys/operation/createIdentityProviderKey). Depending on the information stored in the smart card, select the proper [template](https://developer.okta.com/docs/reference/okta-expression-language/#idp-user-profile) `idpuser.subjectAltNameEmail` or `idpuser.subjectAltNameUpn`.
      Parameters:
      identityProvider - IdP settings (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • deactivateIdentityProvider

      public IdentityProvider deactivateIdentityProvider(String idpId) throws ApiException
      Deactivate an Identity Provider Deactivates an active IdP
      Parameters:
      idpId - `id` of IdP (required)
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • deactivateIdentityProvider

      public IdentityProvider deactivateIdentityProvider(String idpId, Map<String,String> additionalHeaders) throws ApiException
      Deactivate an Identity Provider Deactivates an active IdP
      Parameters:
      idpId - `id` of IdP (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • deleteIdentityProvider

      public void deleteIdentityProvider(String idpId) throws ApiException
      Delete an Identity Provider Deletes an identity provider integration by `idpId` * All existing IdP users are unlinked with the highest order profile source taking precedence for each IdP user. * Unlinked users keep their existing authentication provider such as `FEDERATION` or `SOCIAL`.
      Parameters:
      idpId - `id` of IdP (required)
      Throws:
      ApiException - if fails to make API call

    • deleteIdentityProvider

      public void deleteIdentityProvider(String idpId, Map<String,String> additionalHeaders) throws ApiException
      Delete an Identity Provider Deletes an identity provider integration by `idpId` * All existing IdP users are unlinked with the highest order profile source taking precedence for each IdP user. * Unlinked users keep their existing authentication provider such as `FEDERATION` or `SOCIAL`.
      Parameters:
      idpId - `id` of IdP (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • getIdentityProvider

      public IdentityProvider getIdentityProvider(String idpId) throws ApiException
      Retrieve an Identity Provider Retrieves an identity provider integration by `idpId`
      Parameters:
      idpId - `id` of IdP (required)
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • getIdentityProvider

      public IdentityProvider getIdentityProvider(String idpId, Map<String,String> additionalHeaders) throws ApiException
      Retrieve an Identity Provider Retrieves an identity provider integration by `idpId`
      Parameters:
      idpId - `id` of IdP (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • listIdentityProviders

      public List<IdentityProvider> listIdentityProviders(String q, String after, Integer limit, IdentityProviderType type) throws ApiException
      List all Identity Providers Lists all identity provider integrations with pagination. A subset of IdPs can be returned that match a supported filter expression or query.
      Parameters:
      q - Searches the `name` property of IdPs for matching value (optional)
      after - The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination). (optional)
      limit - A limit on the number of objects to return (optional, default to 20)
      type - Filters IdPs by `type` (optional)
      Returns:
      List<IdentityProvider>
      Throws:
      ApiException - if fails to make API call

    • listIdentityProviders

      public List<IdentityProvider> listIdentityProviders(String q, String after, Integer limit, IdentityProviderType type, Map<String,String> additionalHeaders) throws ApiException
      List all Identity Providers Lists all identity provider integrations with pagination. A subset of IdPs can be returned that match a supported filter expression or query.
      Parameters:
      q - Searches the `name` property of IdPs for matching value (optional)
      after - The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination). (optional)
      limit - A limit on the number of objects to return (optional, default to 20)
      type - Filters IdPs by `type` (optional)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<IdentityProvider>
      Throws:
      ApiException - if fails to make API call

    • replaceIdentityProvider

      public IdentityProvider replaceIdentityProvider(String idpId, IdentityProvider identityProvider) throws ApiException
      Replace an Identity Provider Replaces an identity provider integration by `idpId`
      Parameters:
      idpId - `id` of IdP (required)
      identityProvider - Updated configuration for the IdP (required)
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • replaceIdentityProvider

      public IdentityProvider replaceIdentityProvider(String idpId, IdentityProvider identityProvider, Map<String,String> additionalHeaders) throws ApiException
      Replace an Identity Provider Replaces an identity provider integration by `idpId`
      Parameters:
      idpId - `id` of IdP (required)
      identityProvider - Updated configuration for the IdP (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      IdentityProvider
      Throws:
      ApiException - if fails to make API call

    • getObjectMapper

      protected static com.fasterxml.jackson.databind.ObjectMapper getObjectMapper()