tencent cloud

All product documents
Identity Aware Platform
DocumentationIdentity Aware PlatformAPI DocumentationIAP APIsUpdateIAPUserOIDCConfig
UpdateIAPUserOIDCConfig
Download PDF
Last updated: 2025-04-09 11:39:57
UpdateIAPUserOIDCConfig
Last updated: 2025-04-09 11:39:57
Download PDF

1. API Description

Domain name for API request: iap.intl.tencentcloudapi.com.

This API is used to modify a user OIDC configuration.

A maximum of 20 requests can be initiated per second for this API.

We recommend you to use API Explorer
Try it
API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

2. Input Parameters

The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

Parameter Name Required Type Description
Action Yes String Common Params. The value used for this API: UpdateIAPUserOIDCConfig.
Version Yes String Common Params. The value used for this API: 2024-07-13.
Region No String Common Params. This parameter is not required.
IdentityUrl Yes String OpenID Connect IdP URL. It corresponds to the value of the "issuer" field in the Openid-configuration provided by the enterprise IdP.
ClientId Yes String Client ID registered with the OpenID Connect IdP.
AuthorizationEndpoint Yes String OpenID Connect IdP authorization endpoint. It corresponds to the value of the "authorization_endpoint" field in the Openid-configuration provided by the enterprise IdP.
ResponseType Yes String Authorization response type, which is always id_token.
ResponseMode Yes String Authorization response mode. Valid values: form_post (recommended); fragment.
MappingFiled Yes String Mapping field name. It indicates which field in the id_token of the IdP is mapped to the username of a sub-user. It is usually the sub or name field.
IdentityKey Yes String RSA signature public key in the JWKS format, which is used to verify the OpenID Connect IdP's ID token and must be Base64-encoded. For the security of your account, we recommend you rotate it regularly.
Scope.N No Array of String Authorization information scope. Valid values: openid (default); email; profile.
Description No String Description, with a length of 1 to 255 English or Chinese characters. It is empty by default.

3. Output Parameters

Parameter Name Type Description
RequestId String The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem.

4. Example

Example1 Modifying IAP's OIDC Configuration

This example shows you how to modify IAP's OIDC configuration.

Input Example

POST / HTTP/1.1
Host: iap.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: UpdateIAPUserOIDCConfig
<Common request parameters>

{
    "IdentityUrl": "https://accounts.g**gle.com",
    "ClientId": "47***01-pu***mvj4lj1de7tj.apps.g**gleusercontent.com",
    "AuthorizationEndpoint": "https://accounts.g**gle.com/o/oauth2/v2/auth",
    "ResponseType": "id_token",
    "ResponseMode": "form_post",
    "MappingFiled": "email",
    "IdentityKey": "ewogICAgImtle***xkd09GTHVVRUJkdyIKICAgICAgICB9CiAgICBdCn0=",
    "Scope": [
        "openid",
        "email",
        "profile"
    ],
    "Description": "1"
}

Output Example

{
    "Response": {
        "RequestId": "b83e3152-6d18-4617-986d-ff4c666750ed"
    }
}

5. Developer Resources

SDK

TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

Command Line Interface

6. Error Code

The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

Error Code Description
FailedOperation Operation failed.
InvalidParameter Parameter error.
InvalidParameter.IdentityNameInUse The IdP name is already in use.
InvalidParameter.MetadataError IdP metadata document error.
InvalidParameterValue.IdentityKeyError The OIDC signature public key is incorrect.
InvalidParameterValue.IdentityUrlError The IdP URL is incorrect.
LimitExceeded.IdentityFull The upper limit on the number of IdPs has been reached.
ResourceNotFound.IdentityNotExist The IdP does not exist.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback

Contact Us

Contact our sales team or business advisors to help your business.

Contact Us
Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 available.

Submit a Ticket
7x24 Phone Support
Hong Kong, China
+852 800 906 020 (Toll Free)
United States
+1 844 606 0804 (Toll Free)
United Kingdom
+44 808 196 4551 (Toll Free)
Canada
+1 888 605 7930 (Toll Free)
Australia
+61 1300 986 386 (Toll Free)
EdgeOne hotline
+852 300 80699
More local hotlines coming soon