Skip to content
Ona API Reference
Ona Docs
API Reference
Organizations

SSO Configurations

CreateSSOConfiguration
organizations.sso_configurations.create(SSOConfigurationCreateParams**kwargs) -> SSOConfigurationCreateResponse
POST/gitpod.v1.OrganizationService/CreateSSOConfiguration
DeleteSSOConfiguration
organizations.sso_configurations.delete(SSOConfigurationDeleteParams**kwargs) -> object
POST/gitpod.v1.OrganizationService/DeleteSSOConfiguration
ListSSOConfigurations
organizations.sso_configurations.list(SSOConfigurationListParams**kwargs) -> SyncSSOConfigurationsPage[SSOConfiguration]
POST/gitpod.v1.OrganizationService/ListSSOConfigurations
GetSSOConfiguration
organizations.sso_configurations.retrieve(SSOConfigurationRetrieveParams**kwargs) -> SSOConfigurationRetrieveResponse
POST/gitpod.v1.OrganizationService/GetSSOConfiguration
UpdateSSOConfiguration
organizations.sso_configurations.update(SSOConfigurationUpdateParams**kwargs) -> object
POST/gitpod.v1.OrganizationService/UpdateSSOConfiguration
ModelsExpand Collapse
class AdditionalScopesUpdate:

AdditionalScopesUpdate wraps a list of OIDC scopes so that the update request can distinguish “not changing scopes” (field absent) from “clearing all scopes” (field present, empty list).

scopes: Optional[List[str]]
Literal["PROVIDER_TYPE_UNSPECIFIED", "PROVIDER_TYPE_BUILTIN", "PROVIDER_TYPE_CUSTOM"]
One of the following:
"PROVIDER_TYPE_UNSPECIFIED"
"PROVIDER_TYPE_BUILTIN"
"PROVIDER_TYPE_CUSTOM"
class SSOConfiguration:
id: str

id is the unique identifier of the SSO configuration

formatuuid
issuer_url: str

issuer_url is the URL of the IdP issuer

organization_id: str
formatuuid
provider_type: ProviderType

provider_type defines the type of the SSO configuration

One of the following:
"PROVIDER_TYPE_UNSPECIFIED"
"PROVIDER_TYPE_BUILTIN"
"PROVIDER_TYPE_CUSTOM"
state: SSOConfigurationState

state is the state of the SSO configuration

One of the following:
"SSO_CONFIGURATION_STATE_UNSPECIFIED"
"SSO_CONFIGURATION_STATE_INACTIVE"
"SSO_CONFIGURATION_STATE_ACTIVE"
additional_scopes: Optional[List[str]]

additional_scopes are extra OIDC scopes requested from the identity provider during sign-in.

claims: Optional[Dict[str, str]]

claims are key/value pairs that defines a mapping of claims issued by the IdP.

claims_expression: Optional[str]

claims_expression is a CEL (Common Expression Language) expression evaluated against the OIDC token claims during login. When set, the expression must evaluate to true for the login to succeed. The expression has access to a claims variable containing all token claims as a map. Example: claims.email_verified && claims.email.endsWith("@example.com")

maxLength4096
client_id: Optional[str]

client_id is the client ID of the OIDC application set on the IdP

display_name: Optional[str]
maxLength128
email_domain: Optional[str]
email_domains: Optional[List[str]]
Literal["SSO_CONFIGURATION_STATE_UNSPECIFIED", "SSO_CONFIGURATION_STATE_INACTIVE", "SSO_CONFIGURATION_STATE_ACTIVE"]
One of the following:
"SSO_CONFIGURATION_STATE_UNSPECIFIED"
"SSO_CONFIGURATION_STATE_INACTIVE"
"SSO_CONFIGURATION_STATE_ACTIVE"
class SSOConfigurationCreateResponse:
sso_configuration: SSOConfiguration

sso_configuration is the created SSO configuration

id: str

id is the unique identifier of the SSO configuration

formatuuid
issuer_url: str

issuer_url is the URL of the IdP issuer

organization_id: str
formatuuid
provider_type: ProviderType

provider_type defines the type of the SSO configuration

One of the following:
"PROVIDER_TYPE_UNSPECIFIED"
"PROVIDER_TYPE_BUILTIN"
"PROVIDER_TYPE_CUSTOM"
state: SSOConfigurationState

state is the state of the SSO configuration

One of the following:
"SSO_CONFIGURATION_STATE_UNSPECIFIED"
"SSO_CONFIGURATION_STATE_INACTIVE"
"SSO_CONFIGURATION_STATE_ACTIVE"
additional_scopes: Optional[List[str]]

additional_scopes are extra OIDC scopes requested from the identity provider during sign-in.

claims: Optional[Dict[str, str]]

claims are key/value pairs that defines a mapping of claims issued by the IdP.

claims_expression: Optional[str]

claims_expression is a CEL (Common Expression Language) expression evaluated against the OIDC token claims during login. When set, the expression must evaluate to true for the login to succeed. The expression has access to a claims variable containing all token claims as a map. Example: claims.email_verified && claims.email.endsWith("@example.com")

maxLength4096
client_id: Optional[str]

client_id is the client ID of the OIDC application set on the IdP

display_name: Optional[str]
maxLength128
email_domain: Optional[str]
email_domains: Optional[List[str]]
class SSOConfigurationRetrieveResponse:
sso_configuration: SSOConfiguration

sso_configuration is the SSO configuration identified by the ID

id: str

id is the unique identifier of the SSO configuration

formatuuid
issuer_url: str

issuer_url is the URL of the IdP issuer

organization_id: str
formatuuid
provider_type: ProviderType

provider_type defines the type of the SSO configuration

One of the following:
"PROVIDER_TYPE_UNSPECIFIED"
"PROVIDER_TYPE_BUILTIN"
"PROVIDER_TYPE_CUSTOM"
state: SSOConfigurationState

state is the state of the SSO configuration

One of the following:
"SSO_CONFIGURATION_STATE_UNSPECIFIED"
"SSO_CONFIGURATION_STATE_INACTIVE"
"SSO_CONFIGURATION_STATE_ACTIVE"
additional_scopes: Optional[List[str]]

additional_scopes are extra OIDC scopes requested from the identity provider during sign-in.

claims: Optional[Dict[str, str]]

claims are key/value pairs that defines a mapping of claims issued by the IdP.

claims_expression: Optional[str]

claims_expression is a CEL (Common Expression Language) expression evaluated against the OIDC token claims during login. When set, the expression must evaluate to true for the login to succeed. The expression has access to a claims variable containing all token claims as a map. Example: claims.email_verified && claims.email.endsWith("@example.com")

maxLength4096
client_id: Optional[str]

client_id is the client ID of the OIDC application set on the IdP

display_name: Optional[str]
maxLength128
email_domain: Optional[str]
email_domains: Optional[List[str]]