Importing External Identity Provider Certificates

Function

This API is used to import external identity provider certificates. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.

URI

POST /v1/identity-stores/{identity_store_id}/external-idp/{idp_id}/certificate

**Table 1** Path parameters
Parameter	Mandatory	Type	Description
identity_store_id	Yes	String	Globally unique ID of an identity source.
idp_id	Yes	String	Globally unique ID of an external identity provider.

Request Parameters

**Table 2** Parameters in the request header
Parameter	Mandatory	Type	Description
X-Security-Token	No	String	Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required.

**Table 3** Parameters in the request body
Parameter	Mandatory	Type	Description
x509_certificate_in_pem	Yes	String	Identity provider certificate content in the PEM format.
certificate_use	Yes	String	Usage of an identity provider certificate. Currently, only signature is supported.

Response Parameters

Status code: 200

**Table 4** Parameters in the response body
Parameter	Type	Description
certificate_id	String	Globally unique ID of a certificate.

Status code: 400

**Table 5** Parameters in the response body
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
request_id	String	Unique ID of a request.

Status code: 403

**Table 6** Parameters in the response body
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
request_id	String	Unique ID of a request.
encoded_authorization_message	String	Encrypted error message.

Example Request

Importing external identity provider certificates

POST https://{hostname}/v1/identity-stores/{identity_store_id}/external-idp/{idp_id}/certificate

{
  "x509_certificate_in_pem" : "-----BEGIN CERTIFICATE-----*************-----END CERTIFICATE-----\r\n",
  "certificate_use" : "SIGNING"
}

Example Response

Status code: 200

Successful

{
  "certificate_id" : "cef00a42-28a6-4218-a137-xxxxxxxx"
}

Status Codes

Status Code	Description
200	Successful.
400	Bad request.
403	Forbidden.

Error Codes

For details, see Error Codes.

Parent topic: Identity Provider Management

Previous topic: Listing External Identity Provider Certificates

Next topic: Deleting External Identity Provider Certificates

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel