Help Center/ IAM Identity Center/ API Reference/ API/ Identity Provider Management/ Querying External Identity Provider Configurations
Updated on 2025-11-27 GMT+08:00
View PDF

Querying External Identity Provider Configurations

Function

This API is used to query configurations for an external identity provider. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.

URI

GET /v1/identity-stores/{identity_store_id}/external-idp

Table 1 Path parameters

Parameter

Mandatory

Type

Description

identity_store_id

Yes

String

Globally unique ID of an identity source.

Request Parameters

Table 2 Parameters in the request header

Parameter

Mandatory

Type

Description

X-Security-Token

No

String

Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required.

Response Parameters

Status code: 200

Table 3 Parameters in the response body

Parameter

Type

Description

associations

Array of ExternalIdpConfigurationDto objects

External identity provider configuration.
Table 4 ExternalIdpConfigurationDto

Parameter

Type

Description

idp_certificate_ids

Array of IdpCertificateBody objects

Globally unique ID of an identity provider certificate.

idp_id

String

Globally unique ID of an identity provider.

idp_saml_config

IdpSAMLConfig object

Identity provider configuration.

is_enabled

Boolean

Whether an identity provider is enabled.
Table 5 IdpCertificateBody

Parameter

Type

Description

certificate_id

String

Globally unique ID of a certificate.

status

String

Certificate status.
Table 6 IdpSAMLConfig

Parameter

Type

Description

entity_id

String

Issuer ID of an identity provider.

login_url

String

Login link of an identity provider.

want_request_signed

Boolean

Whether SAML request signature verification is required.

Status code: 400

Table 7 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

Status code: 403

Table 8 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

encoded_authorization_message

String

Encrypted error message.

Example Request

Querying configurations for an external identity provider

GET https://{hostname}/v1/identity-stores/{identity_store_id}/external-idp

Example Response

Status code: 200

Successful

{
  "associations" : [ {
    "idp_certificate_ids" : [ {
      "certificate_id" : "553523a6-ebde-4570-9409-xxxxxx",
      "status" : "ACTIVE"
    } ],
    "idp_id" : "a48e3f1b-59f8-4b8f-9944-795xxx",
    "idp_saml_config" : {
      "entity_id" : "https://sts.windows.net/36118e7b-55b4-4a70-8d9f-xxxxx/",
      "login_url" : "https://login.microsoftonline.com/36118e7b-55b4-4a70-xxxxxx/saml2",
      "want_request_signed" : false
    },
    "is_enabled" : true
  } ]
}

Status Codes

Status Code

Description

200

Successful.

400

Bad request.

403

Forbidden.

Error Codes

For details, see Error Codes.