Domain name for API request: cam.tencentcloudapi.com.
This API is used to modify the user OIDC configuration.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
Parameter Name | Required | Type | Description |
---|---|---|---|
Action | Yes | String | Common Params. The value used for this API: UpdateUserOIDCConfig. |
Version | Yes | String | Common Params. The value used for this API: 2019-01-16. |
Region | No | String | Common Params. This parameter is not required for this API. |
IdentityUrl | Yes | String | OpenID Connect IdP URL. It corresponds to the value of the issuer field in the Openid-configuration provided by the enterprise IdP. |
IdentityKey | Yes | String | Signature public key, which is used to verify the OpenID Connect IdP's ID token and must be Base64-encoded. For the security of your account, we recommend you rotate it regularly. |
ClientId | Yes | String | Client ID registered with the OpenID Connect IdP. |
AuthorizationEndpoint | Yes | String | OpenID Connect IdP authorization endpoint. It corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the enterprise IdP. |
ResponseType | Yes | String | Authorization response type, which is always id_token . |
ResponseMode | Yes | String | Authorization response mode. Valid values: form_post (recommended); fragment. |
MappingFiled | Yes | String | Mapping field name. It indicates which field in the id_token of the IdP is mapped to the username of a sub-user. It is usually the sub or name field |
Scope.N | No | Array of String | Authorization information scope. Valid values: openid (default); email; profile. |
Description | No | String | Description |
Parameter Name | Type | Description |
---|---|---|
RequestId | String | The unique request ID, which is returned for each request. RequestId is required for locating a problem. |
POST / HTTP/1.1
Host: cam.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: UpdateUserOIDCConfig
<Common request parameters>
{
"ResponseType": "id_token",
"IdentityUrl": "https://tencent.auth**.com",
"ResponseMode": "form_post",
"Description": "Description",
"IdentityKey": "key",
"ClientId": "cbaefefes9823***",
"MappingFiled": "sub",
"AuthorizationEndpoint": "https://tencent.auth**.com",
"Scope": [
"email"
]
}
{
"Response": {
"RequestId": "10a20884-070e-48a8-aa40-9ed295a33ea2"
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
Error Code | Description |
---|---|
InvalidParameter | Incorrect parameter. |
InvalidParameter.IdentityNameInUse | Identity provider name already in use. |
InvalidParameterValue.IdentityKeyError | The OIDC signature public key is incorrect. |
InvalidParameterValue.IdentityUrlError | The IdP URL is incorrect. |
InvalidParameterValue.MetadataError | Identity provider metadata document error. |
LimitExceeded.IdentityFull | Limit on number of identity providers reached. |
ResourceNotFound.IdentityNotExist | Identity provider does not exist. |
Was this page helpful?