## ListSSOConfigurations **post** `/gitpod.v1.OrganizationService/ListSSOConfigurations` Lists and filters SSO configurations for an organization. Use this method to: - View all SSO providers - Monitor authentication status - Audit security settings - Manage provider configurations ### Examples - List active configurations: Shows all active SSO providers. ```yaml organizationId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047" pagination: pageSize: 20 ``` - List by provider type: Shows custom SSO configurations. ```yaml organizationId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047" pagination: pageSize: 20 token: "next-page-token-from-previous-response" ``` ### Query Parameters - `token: optional string` - `pageSize: optional number` ### Body Parameters - `organizationId: string` organization_id is the ID of the organization to list SSO configurations for. - `pagination: optional object { token, pageSize }` - `token: optional string` Token for the next set of results that was returned as next_token of a PaginationResponse - `pageSize: optional number` Page size is the maximum number of results to retrieve per page. Defaults to 25. Maximum 100. ### Returns - `pagination: object { nextToken }` - `nextToken: optional string` Token passed for retrieving the next set of results. Empty if there are no more results - `ssoConfigurations: optional array of SSOConfiguration` sso_configurations are the SSO configurations for the organization - `id: string` id is the unique identifier of the SSO configuration - `issuerUrl: string` issuer_url is the URL of the IdP issuer - `organizationId: string` - `providerType: ProviderType` provider_type defines the type of the SSO configuration - `"PROVIDER_TYPE_UNSPECIFIED"` - `"PROVIDER_TYPE_BUILTIN"` - `"PROVIDER_TYPE_CUSTOM"` - `state: SSOConfigurationState` state is the state of the SSO configuration - `"SSO_CONFIGURATION_STATE_UNSPECIFIED"` - `"SSO_CONFIGURATION_STATE_INACTIVE"` - `"SSO_CONFIGURATION_STATE_ACTIVE"` - `additionalScopes: optional array of string` additional_scopes are extra OIDC scopes requested from the identity provider during sign-in. - `claims: optional map[string]` claims are key/value pairs that defines a mapping of claims issued by the IdP. - `claimsExpression: optional string` claims_expression is a CEL (Common Expression Language) expression evaluated against the OIDC token claims during login. When set, the expression must evaluate to true for the login to succeed. The expression has access to a `claims` variable containing all token claims as a map. Example: `claims.email_verified && claims.email.endsWith("@example.com")` - `clientId: optional string` client_id is the client ID of the OIDC application set on the IdP - `displayName: optional string` - `emailDomain: optional string` - `emailDomains: optional array of string` ### Example ```http curl https://app.gitpod.io/api/gitpod.v1.OrganizationService/ListSSOConfigurations \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $GITPOD_API_KEY" \ -d '{ "organizationId": "b0e12f6c-4c67-429d-a4a6-d9838b5da047" }' ``` #### Response ```json { "pagination": { "nextToken": "nextToken" }, "ssoConfigurations": [ { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "issuerUrl": "issuerUrl", "organizationId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "providerType": "PROVIDER_TYPE_UNSPECIFIED", "state": "SSO_CONFIGURATION_STATE_UNSPECIFIED", "additionalScopes": [ "string" ], "claims": { "foo": "string" }, "claimsExpression": "claimsExpression", "clientId": "clientId", "displayName": "displayName", "emailDomain": "emailDomain", "emailDomains": [ "sfN2.l.iJR-BU.u9JV9.a.m.o2D-4b-Jd.0Z-kX.L.n.S.f.UKbxB" ] } ] } ```