View a custom provider

Returns detailed information about the specified custom provider.

Path Params
string
required

Unique identifier issued to Akamai customers. If you aren’t sure what your Akamai customer ID is, log on to Console and check the value of the customer_id application setting.

string
required

Unique identifier of the Identity Cloud application associated with your custom provider. You can find your application ID on the Console's Manage Application page.

string
required

Unique identifier of a custom provider. IDs are assigned to a provider when the provider is created.

Responses

Response body
object
string

Maps the user profile claims returned from the social login identity provider to their corresponding attributes in the Identity Cloud user profile. For example, an OpenID Connect claim named username might map to the Identity Cloud’s displayName attribute. Without the attribute_map member you can’t copy information from the user’s social login account to their Identity Cloud account. Note that, when creating a map, the Identity Cloud attribute is listed first and the IDP attribute is listed second. This member is used with OAuth, OpenID Connect, and SAML 2 providers.

string

URL of the identity provider’s authorization server. For OpenID Connect and OAuth 2.0, the auth_url is found in the provider’s documentation or, for OpenID Connect only, by looking for the authorization_endpoint entry in the website’s discovery document. For SAML 2 providers you can determine the URL by retrieving the provider’s SAML metadata and looking for the SingleSignOnService element and the Location attribute. Regardless, the auth_url value must use the HTTPS scheme. This member is used with OAuth, OpenID Connect, and SAML 2 providers.

authn_context
object

Configures the RequestedAuthnContext element in SAML requests. When enabled, this element asks the SAML IdP to authenticate users by using a username and password. Typically this makes no difference because most SAML IdPs simply ignore the RequestedAuthnContext element. However, in some cases this element can prevent a user from being authenticated. By default, authn_context is enabled on all SAML providers created prior to August 12, 2021, and disabled for providers created after that date. If necessary, you can disable authn_context by setting the value to null. This member is only valid for SAML 2 providers.

string

Indicates that the requested authentication context must be an exact match to the class_ref.

exact

string

Employed when a user authenticates to an authentication authority by using a password.

PasswordProtectedTransport

string

Unique identifier of the identity provider authentication client used for authorization. This is the client you created on the provider’s developers site. Note that not all providers refer to this item as the client ID. Some providers might reference an application ID, an app ID, or an API client ID. Use the token_auth_method field to control how this member is used with OAuth. This member is used with OAuth and with OpenID Connect clients.

string

Password for the authentication client referenced in the client_id member. Not all providers call this a client secret. Some providers might reference an application secret or app secret, while others might use the term API secret or API key. Use the token_auth_method field to control how this member is used with OAuth. This member is used with OAuth and with OpenID Connect clients.

string

Attribute that uniquely identifies the user. For example, if the response from the OAuth provider includes a unique identifier named userid you must set the identifier_attribute to /userid. This member is only used with OAuth providers.

string

X.509 certificate the identity provider uses to sign a SAML assertion. In a SAML assertion, the encoded certificate is found in the <ds:X509Certificate> section. In the <ds:SignatureValue> section you’ll find the public key, which can be used to verify the authenticity of the assertion. This member is only used with SAML 2 providers.

idp_certificate_chain
array of strings

Comma-separated collection of additional certificates needed to complete the certificate chain. This member is only required if you use an outside Certificate Authority. If you use a self-signed SAML certificate there’s no certificate chain to specify. This member is only used with SAML providers.

string

URL of the identity provider’s userinfo endpoint. The profile_url can be found in the provider’s documentation or, for OpenID Connect, by looking for the userinfo_endpoint entry in the website’s discovery document. This member, valid only with OAuth and OpenID Connect clients, must use the HTTPS scheme.

string

Authentication protocol used by the identity provider. This member is used with OAuth, OpenID Connect, and SAML 2 providers.

oauth2 openidconnect saml2

scopes
array of strings

Specifies the user profile information that can be retrieved from the identity provider’s userinfo endpoint following a successful authentication. Standard OpenID Connect scopes include openid; email; phone; address; and profile. However, many IDPs have custom scopes instead of (or in addition to) these standard scopes. This member is used only with OAuth and OpenID Connect providers.

string

Unique name of a custom provider. This member is used with OAuth, OpenID Connect, and SAML 2 providers.

string

Authentication method used when making a request to the provider's token endpoint. With the default client_secret_post method the client sends authentication information as part of the request body in an HTTP POST. With the client_secret_basic method the client passes a user ID and password to the server as part of an Authorization header. The client_secret_basic method should only be used on a secure connection. This member is used with OAuth providers.

client_secret_post client_secret_basic

string

URL of the identity provider’s token endpoint. The token_url can be found in the provider’s documentation or, for OpenID Connect only, by looking for the token_endpoint entry in the website’s discovery document. This member, valid only with OAuth and OpenID Connect clients, must use the HTTPS protocol.

ui
object

Configuration information specifying how the custom provider is displayed on your Hosted Login sign-in screen.

string

Name of the custom provider as shown on the sign-in screen.

string

URL to the publicly-accessible image used on the sign-in screen. Your icon can use either the PNG or SVG format.

string

Configuration URL to a custom provider.

string

Timestamp the custom provider was created.

string

Timestamp the custom provider was last updated.
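The constraints stated in the member descriptions above (HTTPS-only endpoint URLs, the two token_auth_method values, members that apply to only some protocols) can be checked against a retrieved response body. The following is an added example, not part of the Akamai documentation or API. It assumes the protocol member is keyed as `protocol` and that attribute_map is returned as a JSON object; the sample response is constructed.

```python
from urllib.parse import urlparse

PROTOCOLS = {"oauth2", "openidconnect", "saml2"}
TOKEN_AUTH_METHODS = {"client_secret_post", "client_secret_basic"}
HTTPS_MEMBERS = ("auth_url", "token_url", "profile_url")
# Members the descriptions above restrict to certain protocols.
VALID_FOR = {
    "authn_context": {"saml2"},
    "idp_certificate_chain": {"saml2"},
    "identifier_attribute": {"oauth2"},
    "token_url": {"oauth2", "openidconnect"},
    "profile_url": {"oauth2", "openidconnect"},
    "scopes": {"oauth2", "openidconnect"},
    "client_id": {"oauth2", "openidconnect"},
}

def audit_provider(provider):
    """Return a list of findings for one custom-provider response body."""
    findings = []
    protocol = provider.get("protocol")  # key name is an assumption
    if protocol not in PROTOCOLS:
        findings.append(f"protocol: unexpected value {protocol!r}")
    for member in HTTPS_MEMBERS:
        url = provider.get(member)
        if url and urlparse(url).scheme.lower() != "https":
            findings.append(f"{member}: must use the HTTPS scheme")
    method = provider.get("token_auth_method")
    if method is not None and method not in TOKEN_AUTH_METHODS:
        findings.append(f"token_auth_method: unexpected value {method!r}")
    for member, protocols in VALID_FOR.items():
        if provider.get(member) and protocol in PROTOCOLS and protocol not in protocols:
            findings.append(f"{member}: not used with {protocol} providers")
    if not provider.get("attribute_map"):
        findings.append("attribute_map: missing, no profile data will be copied")
    return findings

# Constructed sample response, not real provider data.
SAMPLE = {
    "protocol": "openidconnect",
    "auth_url": "https://idp.example.com/authorize",
    "token_url": "http://idp.example.com/token",
    "profile_url": "https://idp.example.com/userinfo",
    "token_auth_method": "client_secret_basic",
    "authn_context": {"class_ref": "PasswordProtectedTransport"},
    "attribute_map": {"displayName": "username"},
    "scopes": ["openid", "email"],
}

if __name__ == "__main__":
    for finding in audit_provider(SAMPLE):
        print(finding)
```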
