Skip to main content
PUT
/
v2
/
session
/
apps
/
{appID}
/
config
/
login
/
saml
/
{providerID}
/
{connectionID}
Update SAML connection
curl --request PUT \
  --url https://api.prelude.dev/v2/session/apps/{appID}/config/login/saml/{providerID}/{connectionID} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "enabled": true,
  "mapping": {
    "email": "<string>",
    "first_name": "<string>",
    "last_name": "<string>",
    "groups": "<string>",
    "custom": {}
  }
}
'
{
  "connection": {
    "id": "<string>",
    "provider_id": "<string>",
    "name": "<string>",
    "enabled": true,
    "idp": {
      "entity_id": "<string>",
      "sso_url": "<string>",
      "slo_url": "<string>",
      "certificates": [
        "<string>"
      ]
    },
    "sp": {
      "entity_id": "<string>",
      "acs_url": "<string>",
      "slo_url": "<string>",
      "metadata_url": "<string>",
      "signing_certificate": "<string>"
    },
    "behavior": {
      "allow_email_account_merge": true,
      "jit_provisioning": true,
      "enforce_login": true,
      "default_redirect_uri": "<string>",
      "email_domain_allowlist": [
        "<string>"
      ]
    },
    "mapping": {
      "email": "<string>",
      "given_name": "<string>",
      "family_name": "<string>",
      "groups": "<string>",
      "custom": {}
    },
    "created_at": "2023-11-07T05:31:56Z",
    "updated_at": "2023-11-07T05:31:56Z"
  }
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

appID
string
required

The id of the app the request refers to. An application's unique identifier.

Examples:

"54e9ujn"

"fvua38g"

providerID
string
required

The SAML provider identifier.

Examples:

"okta"

"google"

"jumpcloud"

connectionID
string
required

The SAML connection identifier (prefixed with samlc_).

Example:

"samlc_01jqebhswje1ka1z7ahr9rfsgt"

Body

application/json

Partial update; omitted fields are left unchanged.

name
string
enabled
boolean
idp
object

Explicit IdP block. Provide this only when you are not using idp_metadata_url or idp_metadata_xml. Certificates accept raw PEM or base64-wrapped PEM.

behavior
object
mapping
object

Maps SAML assertion attributes to user profile fields. Defaults are applied per provider when omitted.

Response

OK

connection
object
required