## UpdateSSOConfiguration

`organizations.sso_configurations.update(SSOConfigurationUpdateParams**kwargs)  -> object`

**post** `/gitpod.v1.OrganizationService/UpdateSSOConfiguration`

Updates SSO provider settings and authentication rules.

Use this method to:

- Rotate client credentials
- Update provider endpoints
- Modify claim mappings
- Change authentication policies
- Toggle SSO enforcement

### Examples

- Update credentials:

  Rotates client ID and secret.

  ```yaml
  ssoConfigurationId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  clientId: "new-client-id"
  clientSecret: "new-client-secret"
  ```

- Update provider status:

  Activates or deactivates SSO provider.

  ```yaml
  ssoConfigurationId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  state: SSO_CONFIGURATION_STATE_ACTIVE
  ```

### Parameters

- `sso_configuration_id: str`

  sso_configuration_id is the ID of the SSO configuration to update

- `additional_scopes: Optional[AdditionalScopesUpdateParam]`

  additional_scopes replaces the configured OIDC scopes when present.
  When absent (nil), scopes are left unchanged.
  When present with an empty scopes list, all additional scopes are cleared.

  - `scopes: Optional[List[str]]`

- `claims: Optional[Dict[str, str]]`

  claims are key/value pairs that defines a mapping of claims issued by the IdP.

- `claims_expression: Optional[str]`

  claims_expression is a CEL expression evaluated against OIDC token claims during login.
  When set, the expression must evaluate to true for the login to succeed.
  When present with an empty string, the expression is cleared.

- `client_id: Optional[str]`

  client_id is the client ID of the SSO provider

- `client_secret: Optional[str]`

  client_secret is the client secret of the SSO provider

- `display_name: Optional[str]`

- `email_domain: Optional[str]`

- `email_domains: Optional[Sequence[str]]`

- `issuer_url: Optional[str]`

  issuer_url is the URL of the IdP issuer

- `state: Optional[SSOConfigurationState]`

  state is the state of the SSO configuration

  - `"SSO_CONFIGURATION_STATE_UNSPECIFIED"`

  - `"SSO_CONFIGURATION_STATE_INACTIVE"`

  - `"SSO_CONFIGURATION_STATE_ACTIVE"`

### Returns

- `object`

### Example

```python
import os
from gitpod import Gitpod

client = Gitpod(
    bearer_token=os.environ.get("GITPOD_API_KEY"),  # This is the default and can be omitted
)
sso_configuration = client.organizations.sso_configurations.update(
    sso_configuration_id="d2c94c27-3b76-4a42-b88c-95a85e392c68",
    client_id="new-client-id",
    client_secret="new-client-secret",
)
print(sso_configuration)
```

#### Response

```json
{}
```