## UpdateSSOConfiguration

**post** `/gitpod.v1.OrganizationService/UpdateSSOConfiguration`

Updates SSO provider settings and authentication rules.

Use this method to:

- Rotate client credentials
- Update provider endpoints
- Modify claim mappings
- Change authentication policies
- Toggle SSO enforcement

### Examples

- Update credentials:

  Rotates client ID and secret.

  ```yaml
  ssoConfigurationId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  clientId: "new-client-id"
  clientSecret: "new-client-secret"
  ```

- Update provider status:

  Activates or deactivates SSO provider.

  ```yaml
  ssoConfigurationId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  state: SSO_CONFIGURATION_STATE_ACTIVE
  ```

### Body Parameters

- `ssoConfigurationId: string`

  sso_configuration_id is the ID of the SSO configuration to update

- `additionalScopes: optional AdditionalScopesUpdate`

  additional_scopes replaces the configured OIDC scopes when present.
  When absent (nil), scopes are left unchanged.
  When present with an empty scopes list, all additional scopes are cleared.

  - `scopes: optional array of string`

- `claims: optional map[string]`

  claims are key/value pairs that defines a mapping of claims issued by the IdP.

- `claimsExpression: optional string`

  claims_expression is a CEL expression evaluated against OIDC token claims during login.
  When set, the expression must evaluate to true for the login to succeed.
  When present with an empty string, the expression is cleared.

- `clientId: optional string`

  client_id is the client ID of the SSO provider

- `clientSecret: optional string`

  client_secret is the client secret of the SSO provider

- `displayName: optional string`

- `emailDomain: optional string`

- `emailDomains: optional array of string`

- `issuerUrl: optional string`

  issuer_url is the URL of the IdP issuer

- `state: optional SSOConfigurationState`

  state is the state of the SSO configuration

  - `"SSO_CONFIGURATION_STATE_UNSPECIFIED"`

  - `"SSO_CONFIGURATION_STATE_INACTIVE"`

  - `"SSO_CONFIGURATION_STATE_ACTIVE"`

### Example

```http
curl https://app.gitpod.io/api/gitpod.v1.OrganizationService/UpdateSSOConfiguration \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer $GITPOD_API_KEY" \
    -d '{
          "ssoConfigurationId": "d2c94c27-3b76-4a42-b88c-95a85e392c68"
        }'
```

#### Response

```json
{}
```