## GetSSOConfiguration

**post** `/gitpod.v1.OrganizationService/GetSSOConfiguration`

Retrieves a specific SSO configuration.

Use this method to:

- View SSO provider details
- Check configuration status
- Verify SSO settings

### Examples

- Get SSO configuration:

  Retrieves details of a specific SSO configuration.

  ```yaml
  ssoConfigurationId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  ```

### Body Parameters

- `ssoConfigurationId: string`

  sso_configuration_id is the ID of the SSO configuration to get

### Returns

- `ssoConfiguration: SSOConfiguration`

  sso_configuration is the SSO configuration identified by the ID

  - `id: string`

    id is the unique identifier of the SSO configuration

  - `issuerUrl: string`

    issuer_url is the URL of the IdP issuer

  - `organizationId: string`

  - `providerType: ProviderType`

    provider_type defines the type of the SSO configuration

    - `"PROVIDER_TYPE_UNSPECIFIED"`

    - `"PROVIDER_TYPE_BUILTIN"`

    - `"PROVIDER_TYPE_CUSTOM"`

  - `state: SSOConfigurationState`

    state is the state of the SSO configuration

    - `"SSO_CONFIGURATION_STATE_UNSPECIFIED"`

    - `"SSO_CONFIGURATION_STATE_INACTIVE"`

    - `"SSO_CONFIGURATION_STATE_ACTIVE"`

  - `additionalScopes: optional array of string`

    additional_scopes are extra OIDC scopes requested from the identity provider during sign-in.

  - `claims: optional map[string]`

    claims are key/value pairs that defines a mapping of claims issued by the IdP.

  - `claimsExpression: optional string`

    claims_expression is a CEL (Common Expression Language) expression evaluated against
    the OIDC token claims during login. When set, the expression must evaluate to true
    for the login to succeed. The expression has access to a `claims` variable containing
    all token claims as a map. Example: `claims.email_verified && claims.email.endsWith("@example.com")`

  - `clientId: optional string`

    client_id is the client ID of the OIDC application set on the IdP

  - `displayName: optional string`

  - `emailDomain: optional string`

  - `emailDomains: optional array of string`

### Example

```http
curl https://app.gitpod.io/api/gitpod.v1.OrganizationService/GetSSOConfiguration \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer $GITPOD_API_KEY" \
    -d '{
          "ssoConfigurationId": "d2c94c27-3b76-4a42-b88c-95a85e392c68"
        }'
```

#### Response

```json
{
  "ssoConfiguration": {
    "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "issuerUrl": "issuerUrl",
    "organizationId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "providerType": "PROVIDER_TYPE_UNSPECIFIED",
    "state": "SSO_CONFIGURATION_STATE_UNSPECIFIED",
    "additionalScopes": [
      "string"
    ],
    "claims": {
      "foo": "string"
    },
    "claimsExpression": "claimsExpression",
    "clientId": "clientId",
    "displayName": "displayName",
    "emailDomain": "emailDomain",
    "emailDomains": [
      "sfN2.l.iJR-BU.u9JV9.a.m.o2D-4b-Jd.0Z-kX.L.n.S.f.UKbxB"
    ]
  }
}
```