Skip to content
Ona API Reference
Ona Docs
API Reference
Organizations
SSO Configurations

UpdateSSOConfiguration

organizations.sso_configurations.update(SSOConfigurationUpdateParams**kwargs) -> object
POST/gitpod.v1.OrganizationService/UpdateSSOConfiguration

Updates SSO provider settings and authentication rules.

Use this method to:

  • Rotate client credentials
  • Update provider endpoints
  • Modify claim mappings
  • Change authentication policies
  • Toggle SSO enforcement

Examples

  • Update credentials:

    Rotates client ID and secret.

    ssoConfigurationId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
clientId: "new-client-id"
clientSecret: "new-client-secret"

  • Update provider status:

    Activates or deactivates SSO provider.

    ssoConfigurationId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
state: SSO_CONFIGURATION_STATE_ACTIVE
ParametersExpand Collapse
sso_configuration_id: str

sso_configuration_id is the ID of the SSO configuration to update

formatuuid
additional_scopes: Optional[AdditionalScopesUpdateParam]

additional_scopes replaces the configured OIDC scopes when present. When absent (nil), scopes are left unchanged. When present with an empty scopes list, all additional scopes are cleared.

scopes: Optional[List[str]]
claims: Optional[Dict[str, str]]

claims are key/value pairs that defines a mapping of claims issued by the IdP.

claims_expression: Optional[str]

claims_expression is a CEL expression evaluated against OIDC token claims during login. When set, the expression must evaluate to true for the login to succeed. When present with an empty string, the expression is cleared.

maxLength4096
client_id: Optional[str]

client_id is the client ID of the SSO provider

minLength1
client_secret: Optional[str]

client_secret is the client secret of the SSO provider

minLength1
display_name: Optional[str]
maxLength128
email_domain: Optional[str]
minLength4
email_domains: Optional[Sequence[str]]
issuer_url: Optional[str]

issuer_url is the URL of the IdP issuer

formaturi
state: Optional[SSOConfigurationState]

state is the state of the SSO configuration

One of the following:
"SSO_CONFIGURATION_STATE_UNSPECIFIED"
"SSO_CONFIGURATION_STATE_INACTIVE"
"SSO_CONFIGURATION_STATE_ACTIVE"
ReturnsExpand Collapse
object

UpdateSSOConfiguration

import os
from gitpod import Gitpod

client = Gitpod(
    bearer_token=os.environ.get("GITPOD_API_KEY"),  # This is the default and can be omitted
)
sso_configuration = client.organizations.sso_configurations.update(
    sso_configuration_id="d2c94c27-3b76-4a42-b88c-95a85e392c68",
    client_id="new-client-id",
    client_secret="new-client-secret",
)
print(sso_configuration)
{}
Returns Examples
{}