identity-providers
PrivX Identity Providers
get
/role-store/api/v1/identity-providersList all identity providers.
offsetintOffset where to start fetching the items
- Default
- 0
limitintNumber of items to return
- Default
- 50
- Max
- 100
sortdirstringSort direction, asc or desc
- Default
- "ASC"
- Enum
- ASC
- DESC
sortkeystringSort by specific object property
- Default
- "id"
- Enum
- id
- name
- jwt_issuer
- token_type
- created
- updated
Responses
Response examples
Successful response, returns an array of identity providers.
{
"count": 123,
"items": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "Acme identity provider",
"token_type": "JWT",
"jwt_issuer": "acme",
"jwt_audience": "privx",
"jwt_subject_type": "dn",
"jwt_subject_dn_username_attribute": "cn",
"custom_attributes": [
{
"field_name": "email",
"type": "string_pattern",
"expected_value": "*@privx.io"
},
{
"field_name": "instances",
"type": "ip_range",
"start": "192.168.3.1",
"end": "192.168.3.254"
},
{
"field_name": "instances",
"type": "ip_client"
},
{
"field_name": "uid",
"type": "numeric_range",
"start": "1001",
"end": "65535"
}
],
"public_key_method": "static",
"public_keys": [
{
"key_id": "key-1",
"comment": "string",
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoopkfuxiDKcB3XGT3TlF\n14dyBUTJctzO80O2iX69GVzcXcx/TFVo8J1f8QASxHaW8w5GyLyNVMjc0lhoKM9T\nPrb5RN/wXchfBCRYxMu57sVcvD1e7JR586ELebX1206ZL9/jyeFK4wVjaPxcBbhC\nEb/Gw1dcSxlt0SoeconCv2yRsRVxxQCHv91HAvg2S17uC3K/AxU4gOoGzlK/dEYi\n6TztKimKhuxkNFcT9l5gDIWoQQXLPCxN7ayqJ60MBw/N8esbgrgAYfGPgOEWnRDY\n59aAuOMzVBlRVFnrBRU+pVlINcDens1DaZP8Dut7gdaZs8fJQ8KmvfrYQm9uOFCn\nCwIDAQAB\n-----END PUBLIC KEY-----\n"
}
],
"x5u_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDXzCCAkegAwIBAgIUKDzwc7wsPLlP4YVLEZDAme2lDUUwDQYJKoZIhvcNAQEL\nBQAwPzELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzEMMAoGA1UECwwD\nUiZEMQ4wDAYDVQQDDAVQUklWWDAeFw0yMjA1MTkwODUyMjlaFw0yMzA1MTQwODUy\nMjlaMD8xCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlTU0hDT01TRUMxDDAKBgNVBAsM\nA1ImRDEOMAwGA1UEAwwFUFJJVlgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCiimR+7GIMpwHdcZPdOUXXh3IFRMly3M7zQ7aJfr0ZXNxdzH9MVWjwnV/x\nABLEdpbzDkbIvI1UyNzSWGgoz1M+tvlE3/BdyF8EJFjEy7nuxVy8PV7slHnzoQt5\ntfXbTpkv3+PJ4UrjBWNo/FwFuEIRv8bDV1xLGW3RKh5yicK/bJGxFXHFAIe/3UcC\n+DZLXu4Lcr8DFTiA6gbOUr90RiLpPO0qKYqG7GQ0VxP2XmAMhahBBcs8LE3trKon\nrQwHD83x6xuCuABh8Y+A4RadENjn1oC44zNUGVFUWesFFT6lWUg1wN6ezUNpk/wO\n63uB1pmzx8lDwqa9+thCb244UKcLAgMBAAGjUzBRMB0GA1UdDgQWBBRs5UC6jHc0\nuqp1ABqZrONLE1Rv1TAfBgNVHSMEGDAWgBRs5UC6jHc0uqp1ABqZrONLE1Rv1TAP\nBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA8lbh+wEJKZlEVtIJ/\nwswLjwnzXc0MxGJL7/zVAfn1XKN+igAhKFUK13tziRjM68/Qbe9ckr2VRmvNLOxE\nALsPx0poKruAMWuu3p1JHNjm3MrLRsC/K+Fogi1r1RiSoyZFBS2HVl+5hDbtW2bx\nUEm1dqYzELyAnjuIJFN1gZwMQP3abHuGQnmIF0nNHyNMBVU64i5mHuSulCY+pGur\nx93kOQNESHRGoYhCQwYJSI03BfcIRrv5BPCd98tpSfNXgoOga1vFSb1AwiWpq/zL\nu5z8eBbsLf9xmkylqMNZbZWsJFMv0r43cLA87Qo848YsJYpk51iIOZgGR6xTQF0+\nQ+M6\n-----END CERTIFICATE-----\n",
"x5u_tls_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDIzCCAgugAwIBAgIUV19HtBxY1nF7nfgk9X/YIyba4XEwDQYJKoZIhvcNAQEL\nBQAwITELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzAeFw0yMjA1MTkx\nMjI0NDhaFw0yMzA1MTkxMjI0NDhaMCExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlT\nU0hDT01TRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtsoOmkZ7L\nPqTwPvhbMItewr92kY6HfityYmQ5gCHp6T03X6jvhiZYNM0FuhhGYHr9RNnBEuTB\nU1eKYgb59lUsLtNWAxy1D2riQ4/2P2jU6ldSEUrzAHQ0tYlkGAWecpzh601XBE9f\nBde1kDPzw5qdUGIt8oLTCaY0FydBHNOopxvbpO7kJGAxA8jsYrmvXaglMBSmChPg\nrubfTp1D07VuRDAJEQW9kwYWbO9PSSRGsGsg2ZQRpJpvqLzLb7iBjG68kJik+zBA\nYT4AkjItf71XvkzI+X18Rn4RuaYgKXUX5S1BVGy6JqbC+Zd6X/sJBsxx3h67RG8/\nbrOr2h86bgJ/AgMBAAGjUzBRMB0GA1UdDgQWBBT3gsAZ1c+rjewKAhZ/y/yHjC2w\nhjAfBgNVHSMEGDAWgBT3gsAZ1c+rjewKAhZ/y/yHjC2whjAPBgNVHRMBAf8EBTAD\nAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAQjNPfE7oTbYY8eqv9NoEB/OUD3VJRHFVT\nffYIag8/X1pz3lG1hYBy2XXSw4+1XDOH9Rgf+Ol78Sbse38ciVoZkwotkInJjdat\n6x5keBNdSQj97/Ec0xPZeM6ArTeajl12qlvgZUjUhz3xKdNwmbsBKGL+YdgMeOBg\nzyRcqMvynOH3KlxYyXbiEtx+Sw3FQflKZ+VZhlmmplsgnqk9YOByX6DZlP5thI2C\nPew6jTFHtJosa7G5l3V8qwQc1KXYkPIUr6yMOZhxrHuqZR+QuujXb4CFe8idHmgF\nTDfPuHLK9IAd4MfPxVwMhvvWezbYAnqojCF73n4k6KLKXH262s7s\n-----END CERTIFICATE-----\n",
"x5u_prefix": "https://privx.io/token-issuer",
"enabled": true,
"users_directory": "5bf77342-221c-11ee-be56-0242ac120002",
"author": "5bf77342-221c-11ee-be56-0242ac120002",
"created": "2023-06-07T17:32:28Z",
"updated": "2023-06-07T17:32:28Z",
"updated_by": "string"
}
]
}post
/role-store/api/v1/identity-providersCreate a new Identity Provider.
idstring- Format
- uuid
namestringrequired
Identity provider name, must be unique
- Min Length
- 2
- Max Length
- 2042
- Example
- "Acme identity provider"
token_typestringrequired
Token type. Only "JWT" is supported.
- Enum
- JWT
- Example
- "JWT"
jwt_issuerstringrequired
JWT issuer
- Max Length
- 2042
- Example
- "acme"
jwt_audiencestringExpected JWT audience. JWT aud claim must either have a single matching value or it must be have an array of values of which at least one value must match.
- Max Length
- 2042
- Example
- "privx"
jwt_subject_typestringrequired
JWT subject claim format
- Enum
- plain
- dn
- Example
- "dn"
jwt_subject_dn_username_attributestringIf jwt_subject_type is "dn" then jwt_subject_dn_username_attribute specifies the name of the attribute to be used as username when resolving the user
- Example
- "cn"
custom_attributesarray- Example
- [ { "field_name": "email", "type": "string_pattern", "expected_value": "*@privx.io" }, { "field_name": "instances", "type": "ip_range", "start": "192.168.3.1", "end": "192.168.3.254" }, { "field_name": "instances", "type": "ip_client" }, { "field_name": "uid", "type": "numeric_range", "start": "1001", "end": "65535" } ]
field_namestringrequired
Name of JWT token claim
typestringrequired
Type of the custom attribute validation. "string_pattern" compares a claim value to a glob pattern. "numeric_range" checks that the claim value is within an expected numeric range. "ip_range" checks that claim value is an IP address within an IP range. "ip_client" check that claim value matches the IP address from which the token login REST API request is made.
- Enum
- string_pattern
- numeric_range
- ip_range
- ip_client
expected_valuestringExpected claim value as glob pattern when type is "string_pattern"
startstringStart value. If type is numeric_range then start must be an integer or a float value in string format. If type is ip_range then start must be a valid IPv4 or IPv6 address.
endstringEnd value. If type is numeric_range then the type of the value must match start and the value must not be smaller than start. If type is ip_range then the IP version must match start and the value must not be smaller than start.
public_key_methodstringMethod for obtaining the token verification public key
- Enum
- static
- x5u
- x5u-publickey
public_keysarraykey_idstringrequired
Key ID
- Example
- "key-1"
commentstringComment
public_keystringrequired
Public key in PKIX PEM format
- Example
- "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoopkfuxiDKcB3XGT3TlF\n14dyBUTJctzO80O2iX69GVzcXcx/TFVo8J1f8QASxHaW8w5GyLyNVMjc0lhoKM9T\nPrb5RN/wXchfBCRYxMu57sVcvD1e7JR586ELebX1206ZL9/jyeFK4wVjaPxcBbhC\nEb/Gw1dcSxlt0SoeconCv2yRsRVxxQCHv91HAvg2S17uC3K/AxU4gOoGzlK/dEYi\n6TztKimKhuxkNFcT9l5gDIWoQQXLPCxN7ayqJ60MBw/N8esbgrgAYfGPgOEWnRDY\n59aAuOMzVBlRVFnrBRU+pVlINcDens1DaZP8Dut7gdaZs8fJQ8KmvfrYQm9uOFCn\nCwIDAQAB\n-----END PUBLIC KEY-----\n"
x5u_trust_anchorstringTrust anchor for verifying X.509 certificates fetched from x5u urls. Required if public_key_method is "x5u"
- Format
- PEM certificate or certificate chain
- Example
- "-----BEGIN CERTIFICATE-----\nMIIDXzCCAkegAwIBAgIUKDzwc7wsPLlP4YVLEZDAme2lDUUwDQYJKoZIhvcNAQEL\nBQAwPzELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzEMMAoGA1UECwwD\nUiZEMQ4wDAYDVQQDDAVQUklWWDAeFw0yMjA1MTkwODUyMjlaFw0yMzA1MTQwODUy\nMjlaMD8xCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlTU0hDT01TRUMxDDAKBgNVBAsM\nA1ImRDEOMAwGA1UEAwwFUFJJVlgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCiimR+7GIMpwHdcZPdOUXXh3IFRMly3M7zQ7aJfr0ZXNxdzH9MVWjwnV/x\nABLEdpbzDkbIvI1UyNzSWGgoz1M+tvlE3/BdyF8EJFjEy7nuxVy8PV7slHnzoQt5\ntfXbTpkv3+PJ4UrjBWNo/FwFuEIRv8bDV1xLGW3RKh5yicK/bJGxFXHFAIe/3UcC\n+DZLXu4Lcr8DFTiA6gbOUr90RiLpPO0qKYqG7GQ0VxP2XmAMhahBBcs8LE3trKon\nrQwHD83x6xuCuABh8Y+A4RadENjn1oC44zNUGVFUWesFFT6lWUg1wN6ezUNpk/wO\n63uB1pmzx8lDwqa9+thCb244UKcLAgMBAAGjUzBRMB0GA1UdDgQWBBRs5UC6jHc0\nuqp1ABqZrONLE1Rv1TAfBgNVHSMEGDAWgBRs5UC6jHc0uqp1ABqZrONLE1Rv1TAP\nBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA8lbh+wEJKZlEVtIJ/\nwswLjwnzXc0MxGJL7/zVAfn1XKN+igAhKFUK13tziRjM68/Qbe9ckr2VRmvNLOxE\nALsPx0poKruAMWuu3p1JHNjm3MrLRsC/K+Fogi1r1RiSoyZFBS2HVl+5hDbtW2bx\nUEm1dqYzELyAnjuIJFN1gZwMQP3abHuGQnmIF0nNHyNMBVU64i5mHuSulCY+pGur\nx93kOQNESHRGoYhCQwYJSI03BfcIRrv5BPCd98tpSfNXgoOga1vFSb1AwiWpq/zL\nu5z8eBbsLf9xmkylqMNZbZWsJFMv0r43cLA87Qo848YsJYpk51iIOZgGR6xTQF0+\nQ+M6\n-----END CERTIFICATE-----\n"
x5u_tls_trust_anchorstringTrust anchor for TLS server certificates used when fetching X.509 certificates or public keys from x5u urls. If not specified then system trust anchors will be used.
- Format
- PEM certificate or certificate chain
- Example
- "-----BEGIN CERTIFICATE-----\nMIIDIzCCAgugAwIBAgIUV19HtBxY1nF7nfgk9X/YIyba4XEwDQYJKoZIhvcNAQEL\nBQAwITELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzAeFw0yMjA1MTkx\nMjI0NDhaFw0yMzA1MTkxMjI0NDhaMCExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlT\nU0hDT01TRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtsoOmkZ7L\nPqTwPvhbMItewr92kY6HfityYmQ5gCHp6T03X6jvhiZYNM0FuhhGYHr9RNnBEuTB\nU1eKYgb59lUsLtNWAxy1D2riQ4/2P2jU6ldSEUrzAHQ0tYlkGAWecpzh601XBE9f\nBde1kDPzw5qdUGIt8oLTCaY0FydBHNOopxvbpO7kJGAxA8jsYrmvXaglMBSmChPg\nrubfTp1D07VuRDAJEQW9kwYWbO9PSSRGsGsg2ZQRpJpvqLzLb7iBjG68kJik+zBA\nYT4AkjItf71XvkzI+X18Rn4RuaYgKXUX5S1BVGy6JqbC+Zd6X/sJBsxx3h67RG8/\nbrOr2h86bgJ/AgMBAAGjUzBRMB0GA1UdDgQWBBT3gsAZ1c+rjewKAhZ/y/yHjC2w\nhjAfBgNVHSMEGDAWgBT3gsAZ1c+rjewKAhZ/y/yHjC2whjAPBgNVHRMBAf8EBTAD\nAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAQjNPfE7oTbYY8eqv9NoEB/OUD3VJRHFVT\nffYIag8/X1pz3lG1hYBy2XXSw4+1XDOH9Rgf+Ol78Sbse38ciVoZkwotkInJjdat\n6x5keBNdSQj97/Ec0xPZeM6ArTeajl12qlvgZUjUhz3xKdNwmbsBKGL+YdgMeOBg\nzyRcqMvynOH3KlxYyXbiEtx+Sw3FQflKZ+VZhlmmplsgnqk9YOByX6DZlP5thI2C\nPew6jTFHtJosa7G5l3V8qwQc1KXYkPIUr6yMOZhxrHuqZR+QuujXb4CFe8idHmgF\nTDfPuHLK9IAd4MfPxVwMhvvWezbYAnqojCF73n4k6KLKXH262s7s\n-----END CERTIFICATE-----\n"
x5u_prefixstringThe url in the token's x5u claim must start with the x5u_prefix or it will be rejected. x5u_prefix must be a valid https url. Required if public_key_method is "x5u-publickey".
- Format
- uri
- Example
- "https://privx.io/token-issuer"
enabledbooleanEnable/Disable Identity Provider
users_directorystringrequired
ID of the PrivX user directory from which the users are resolved by token's sub claim. OIDC user directories are not supported.
- Format
- uuid
authorstringIdentity Provider Author
- Format
- uuid
createdstringCreation time
- Format
- date-time
updatedstringTime of the last update
- Format
- date-time
updated_bystringID of the user who last updated the identity provider
Responses
Request examples
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "Acme identity provider",
"token_type": "JWT",
"jwt_issuer": "acme",
"jwt_audience": "privx",
"jwt_subject_type": "dn",
"jwt_subject_dn_username_attribute": "cn",
"custom_attributes": [
{
"field_name": "email",
"type": "string_pattern",
"expected_value": "*@privx.io"
},
{
"field_name": "instances",
"type": "ip_range",
"start": "192.168.3.1",
"end": "192.168.3.254"
},
{
"field_name": "instances",
"type": "ip_client"
},
{
"field_name": "uid",
"type": "numeric_range",
"start": "1001",
"end": "65535"
}
],
"public_key_method": "static",
"public_keys": [
{
"key_id": "key-1",
"comment": "string",
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoopkfuxiDKcB3XGT3TlF\n14dyBUTJctzO80O2iX69GVzcXcx/TFVo8J1f8QASxHaW8w5GyLyNVMjc0lhoKM9T\nPrb5RN/wXchfBCRYxMu57sVcvD1e7JR586ELebX1206ZL9/jyeFK4wVjaPxcBbhC\nEb/Gw1dcSxlt0SoeconCv2yRsRVxxQCHv91HAvg2S17uC3K/AxU4gOoGzlK/dEYi\n6TztKimKhuxkNFcT9l5gDIWoQQXLPCxN7ayqJ60MBw/N8esbgrgAYfGPgOEWnRDY\n59aAuOMzVBlRVFnrBRU+pVlINcDens1DaZP8Dut7gdaZs8fJQ8KmvfrYQm9uOFCn\nCwIDAQAB\n-----END PUBLIC KEY-----\n"
}
],
"x5u_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDXzCCAkegAwIBAgIUKDzwc7wsPLlP4YVLEZDAme2lDUUwDQYJKoZIhvcNAQEL\nBQAwPzELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzEMMAoGA1UECwwD\nUiZEMQ4wDAYDVQQDDAVQUklWWDAeFw0yMjA1MTkwODUyMjlaFw0yMzA1MTQwODUy\nMjlaMD8xCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlTU0hDT01TRUMxDDAKBgNVBAsM\nA1ImRDEOMAwGA1UEAwwFUFJJVlgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCiimR+7GIMpwHdcZPdOUXXh3IFRMly3M7zQ7aJfr0ZXNxdzH9MVWjwnV/x\nABLEdpbzDkbIvI1UyNzSWGgoz1M+tvlE3/BdyF8EJFjEy7nuxVy8PV7slHnzoQt5\ntfXbTpkv3+PJ4UrjBWNo/FwFuEIRv8bDV1xLGW3RKh5yicK/bJGxFXHFAIe/3UcC\n+DZLXu4Lcr8DFTiA6gbOUr90RiLpPO0qKYqG7GQ0VxP2XmAMhahBBcs8LE3trKon\nrQwHD83x6xuCuABh8Y+A4RadENjn1oC44zNUGVFUWesFFT6lWUg1wN6ezUNpk/wO\n63uB1pmzx8lDwqa9+thCb244UKcLAgMBAAGjUzBRMB0GA1UdDgQWBBRs5UC6jHc0\nuqp1ABqZrONLE1Rv1TAfBgNVHSMEGDAWgBRs5UC6jHc0uqp1ABqZrONLE1Rv1TAP\nBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA8lbh+wEJKZlEVtIJ/\nwswLjwnzXc0MxGJL7/zVAfn1XKN+igAhKFUK13tziRjM68/Qbe9ckr2VRmvNLOxE\nALsPx0poKruAMWuu3p1JHNjm3MrLRsC/K+Fogi1r1RiSoyZFBS2HVl+5hDbtW2bx\nUEm1dqYzELyAnjuIJFN1gZwMQP3abHuGQnmIF0nNHyNMBVU64i5mHuSulCY+pGur\nx93kOQNESHRGoYhCQwYJSI03BfcIRrv5BPCd98tpSfNXgoOga1vFSb1AwiWpq/zL\nu5z8eBbsLf9xmkylqMNZbZWsJFMv0r43cLA87Qo848YsJYpk51iIOZgGR6xTQF0+\nQ+M6\n-----END CERTIFICATE-----\n",
"x5u_tls_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDIzCCAgugAwIBAgIUV19HtBxY1nF7nfgk9X/YIyba4XEwDQYJKoZIhvcNAQEL\nBQAwITELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzAeFw0yMjA1MTkx\nMjI0NDhaFw0yMzA1MTkxMjI0NDhaMCExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlT\nU0hDT01TRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtsoOmkZ7L\nPqTwPvhbMItewr92kY6HfityYmQ5gCHp6T03X6jvhiZYNM0FuhhGYHr9RNnBEuTB\nU1eKYgb59lUsLtNWAxy1D2riQ4/2P2jU6ldSEUrzAHQ0tYlkGAWecpzh601XBE9f\nBde1kDPzw5qdUGIt8oLTCaY0FydBHNOopxvbpO7kJGAxA8jsYrmvXaglMBSmChPg\nrubfTp1D07VuRDAJEQW9kwYWbO9PSSRGsGsg2ZQRpJpvqLzLb7iBjG68kJik+zBA\nYT4AkjItf71XvkzI+X18Rn4RuaYgKXUX5S1BVGy6JqbC+Zd6X/sJBsxx3h67RG8/\nbrOr2h86bgJ/AgMBAAGjUzBRMB0GA1UdDgQWBBT3gsAZ1c+rjewKAhZ/y/yHjC2w\nhjAfBgNVHSMEGDAWgBT3gsAZ1c+rjewKAhZ/y/yHjC2whjAPBgNVHRMBAf8EBTAD\nAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAQjNPfE7oTbYY8eqv9NoEB/OUD3VJRHFVT\nffYIag8/X1pz3lG1hYBy2XXSw4+1XDOH9Rgf+Ol78Sbse38ciVoZkwotkInJjdat\n6x5keBNdSQj97/Ec0xPZeM6ArTeajl12qlvgZUjUhz3xKdNwmbsBKGL+YdgMeOBg\nzyRcqMvynOH3KlxYyXbiEtx+Sw3FQflKZ+VZhlmmplsgnqk9YOByX6DZlP5thI2C\nPew6jTFHtJosa7G5l3V8qwQc1KXYkPIUr6yMOZhxrHuqZR+QuujXb4CFe8idHmgF\nTDfPuHLK9IAd4MfPxVwMhvvWezbYAnqojCF73n4k6KLKXH262s7s\n-----END CERTIFICATE-----\n",
"x5u_prefix": "https://privx.io/token-issuer",
"enabled": true,
"users_directory": "5bf77342-221c-11ee-be56-0242ac120002",
"author": "5bf77342-221c-11ee-be56-0242ac120002",
"created": "2023-06-07T17:32:28Z",
"updated": "2023-06-07T17:32:28Z",
"updated_by": "string"
}Response examples
Identity Provider Successfully created
{
"id": "5bf77342-221c-11ee-be56-0242ac120002"
}get
/role-store/api/v1/identity-providers/{id}Get Identity Provider by ID.
idstringrequired
Identity Provider ID
Responses
Response examples
Successful response, returns a Identity Provider if found
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "Acme identity provider",
"token_type": "JWT",
"jwt_issuer": "acme",
"jwt_audience": "privx",
"jwt_subject_type": "dn",
"jwt_subject_dn_username_attribute": "cn",
"custom_attributes": [
{
"field_name": "email",
"type": "string_pattern",
"expected_value": "*@privx.io"
},
{
"field_name": "instances",
"type": "ip_range",
"start": "192.168.3.1",
"end": "192.168.3.254"
},
{
"field_name": "instances",
"type": "ip_client"
},
{
"field_name": "uid",
"type": "numeric_range",
"start": "1001",
"end": "65535"
}
],
"public_key_method": "static",
"public_keys": [
{
"key_id": "key-1",
"comment": "string",
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoopkfuxiDKcB3XGT3TlF\n14dyBUTJctzO80O2iX69GVzcXcx/TFVo8J1f8QASxHaW8w5GyLyNVMjc0lhoKM9T\nPrb5RN/wXchfBCRYxMu57sVcvD1e7JR586ELebX1206ZL9/jyeFK4wVjaPxcBbhC\nEb/Gw1dcSxlt0SoeconCv2yRsRVxxQCHv91HAvg2S17uC3K/AxU4gOoGzlK/dEYi\n6TztKimKhuxkNFcT9l5gDIWoQQXLPCxN7ayqJ60MBw/N8esbgrgAYfGPgOEWnRDY\n59aAuOMzVBlRVFnrBRU+pVlINcDens1DaZP8Dut7gdaZs8fJQ8KmvfrYQm9uOFCn\nCwIDAQAB\n-----END PUBLIC KEY-----\n"
}
],
"x5u_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDXzCCAkegAwIBAgIUKDzwc7wsPLlP4YVLEZDAme2lDUUwDQYJKoZIhvcNAQEL\nBQAwPzELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzEMMAoGA1UECwwD\nUiZEMQ4wDAYDVQQDDAVQUklWWDAeFw0yMjA1MTkwODUyMjlaFw0yMzA1MTQwODUy\nMjlaMD8xCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlTU0hDT01TRUMxDDAKBgNVBAsM\nA1ImRDEOMAwGA1UEAwwFUFJJVlgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCiimR+7GIMpwHdcZPdOUXXh3IFRMly3M7zQ7aJfr0ZXNxdzH9MVWjwnV/x\nABLEdpbzDkbIvI1UyNzSWGgoz1M+tvlE3/BdyF8EJFjEy7nuxVy8PV7slHnzoQt5\ntfXbTpkv3+PJ4UrjBWNo/FwFuEIRv8bDV1xLGW3RKh5yicK/bJGxFXHFAIe/3UcC\n+DZLXu4Lcr8DFTiA6gbOUr90RiLpPO0qKYqG7GQ0VxP2XmAMhahBBcs8LE3trKon\nrQwHD83x6xuCuABh8Y+A4RadENjn1oC44zNUGVFUWesFFT6lWUg1wN6ezUNpk/wO\n63uB1pmzx8lDwqa9+thCb244UKcLAgMBAAGjUzBRMB0GA1UdDgQWBBRs5UC6jHc0\nuqp1ABqZrONLE1Rv1TAfBgNVHSMEGDAWgBRs5UC6jHc0uqp1ABqZrONLE1Rv1TAP\nBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA8lbh+wEJKZlEVtIJ/\nwswLjwnzXc0MxGJL7/zVAfn1XKN+igAhKFUK13tziRjM68/Qbe9ckr2VRmvNLOxE\nALsPx0poKruAMWuu3p1JHNjm3MrLRsC/K+Fogi1r1RiSoyZFBS2HVl+5hDbtW2bx\nUEm1dqYzELyAnjuIJFN1gZwMQP3abHuGQnmIF0nNHyNMBVU64i5mHuSulCY+pGur\nx93kOQNESHRGoYhCQwYJSI03BfcIRrv5BPCd98tpSfNXgoOga1vFSb1AwiWpq/zL\nu5z8eBbsLf9xmkylqMNZbZWsJFMv0r43cLA87Qo848YsJYpk51iIOZgGR6xTQF0+\nQ+M6\n-----END CERTIFICATE-----\n",
"x5u_tls_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDIzCCAgugAwIBAgIUV19HtBxY1nF7nfgk9X/YIyba4XEwDQYJKoZIhvcNAQEL\nBQAwITELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzAeFw0yMjA1MTkx\nMjI0NDhaFw0yMzA1MTkxMjI0NDhaMCExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlT\nU0hDT01TRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtsoOmkZ7L\nPqTwPvhbMItewr92kY6HfityYmQ5gCHp6T03X6jvhiZYNM0FuhhGYHr9RNnBEuTB\nU1eKYgb59lUsLtNWAxy1D2riQ4/2P2jU6ldSEUrzAHQ0tYlkGAWecpzh601XBE9f\nBde1kDPzw5qdUGIt8oLTCaY0FydBHNOopxvbpO7kJGAxA8jsYrmvXaglMBSmChPg\nrubfTp1D07VuRDAJEQW9kwYWbO9PSSRGsGsg2ZQRpJpvqLzLb7iBjG68kJik+zBA\nYT4AkjItf71XvkzI+X18Rn4RuaYgKXUX5S1BVGy6JqbC+Zd6X/sJBsxx3h67RG8/\nbrOr2h86bgJ/AgMBAAGjUzBRMB0GA1UdDgQWBBT3gsAZ1c+rjewKAhZ/y/yHjC2w\nhjAfBgNVHSMEGDAWgBT3gsAZ1c+rjewKAhZ/y/yHjC2whjAPBgNVHRMBAf8EBTAD\nAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAQjNPfE7oTbYY8eqv9NoEB/OUD3VJRHFVT\nffYIag8/X1pz3lG1hYBy2XXSw4+1XDOH9Rgf+Ol78Sbse38ciVoZkwotkInJjdat\n6x5keBNdSQj97/Ec0xPZeM6ArTeajl12qlvgZUjUhz3xKdNwmbsBKGL+YdgMeOBg\nzyRcqMvynOH3KlxYyXbiEtx+Sw3FQflKZ+VZhlmmplsgnqk9YOByX6DZlP5thI2C\nPew6jTFHtJosa7G5l3V8qwQc1KXYkPIUr6yMOZhxrHuqZR+QuujXb4CFe8idHmgF\nTDfPuHLK9IAd4MfPxVwMhvvWezbYAnqojCF73n4k6KLKXH262s7s\n-----END CERTIFICATE-----\n",
"x5u_prefix": "https://privx.io/token-issuer",
"enabled": true,
"users_directory": "5bf77342-221c-11ee-be56-0242ac120002",
"author": "5bf77342-221c-11ee-be56-0242ac120002",
"created": "2023-06-07T17:32:28Z",
"updated": "2023-06-07T17:32:28Z",
"updated_by": "string"
}put
/role-store/api/v1/identity-providers/{id}Update a Identity Provider.
idstring- Format
- uuid
namestringrequired
Identity provider name, must be unique
- Min Length
- 2
- Max Length
- 2042
- Example
- "Acme identity provider"
token_typestringrequired
Token type. Only "JWT" is supported.
- Enum
- JWT
- Example
- "JWT"
jwt_issuerstringrequired
JWT issuer
- Max Length
- 2042
- Example
- "acme"
jwt_audiencestringExpected JWT audience. JWT aud claim must either have a single matching value or it must be have an array of values of which at least one value must match.
- Max Length
- 2042
- Example
- "privx"
jwt_subject_typestringrequired
JWT subject claim format
- Enum
- plain
- dn
- Example
- "dn"
jwt_subject_dn_username_attributestringIf jwt_subject_type is "dn" then jwt_subject_dn_username_attribute specifies the name of the attribute to be used as username when resolving the user
- Example
- "cn"
custom_attributesarray- Example
- [ { "field_name": "email", "type": "string_pattern", "expected_value": "*@privx.io" }, { "field_name": "instances", "type": "ip_range", "start": "192.168.3.1", "end": "192.168.3.254" }, { "field_name": "instances", "type": "ip_client" }, { "field_name": "uid", "type": "numeric_range", "start": "1001", "end": "65535" } ]
field_namestringrequired
Name of JWT token claim
typestringrequired
Type of the custom attribute validation. "string_pattern" compares a claim value to a glob pattern. "numeric_range" checks that the claim value is within an expected numeric range. "ip_range" checks that claim value is an IP address within an IP range. "ip_client" check that claim value matches the IP address from which the token login REST API request is made.
- Enum
- string_pattern
- numeric_range
- ip_range
- ip_client
expected_valuestringExpected claim value as glob pattern when type is "string_pattern"
startstringStart value. If type is numeric_range then start must be an integer or a float value in string format. If type is ip_range then start must be a valid IPv4 or IPv6 address.
endstringEnd value. If type is numeric_range then the type of the value must match start and the value must not be smaller than start. If type is ip_range then the IP version must match start and the value must not be smaller than start.
public_key_methodstringMethod for obtaining the token verification public key
- Enum
- static
- x5u
- x5u-publickey
public_keysarraykey_idstringrequired
Key ID
- Example
- "key-1"
commentstringComment
public_keystringrequired
Public key in PKIX PEM format
- Example
- "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoopkfuxiDKcB3XGT3TlF\n14dyBUTJctzO80O2iX69GVzcXcx/TFVo8J1f8QASxHaW8w5GyLyNVMjc0lhoKM9T\nPrb5RN/wXchfBCRYxMu57sVcvD1e7JR586ELebX1206ZL9/jyeFK4wVjaPxcBbhC\nEb/Gw1dcSxlt0SoeconCv2yRsRVxxQCHv91HAvg2S17uC3K/AxU4gOoGzlK/dEYi\n6TztKimKhuxkNFcT9l5gDIWoQQXLPCxN7ayqJ60MBw/N8esbgrgAYfGPgOEWnRDY\n59aAuOMzVBlRVFnrBRU+pVlINcDens1DaZP8Dut7gdaZs8fJQ8KmvfrYQm9uOFCn\nCwIDAQAB\n-----END PUBLIC KEY-----\n"
x5u_trust_anchorstringTrust anchor for verifying X.509 certificates fetched from x5u urls. Required if public_key_method is "x5u"
- Format
- PEM certificate or certificate chain
- Example
- "-----BEGIN CERTIFICATE-----\nMIIDXzCCAkegAwIBAgIUKDzwc7wsPLlP4YVLEZDAme2lDUUwDQYJKoZIhvcNAQEL\nBQAwPzELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzEMMAoGA1UECwwD\nUiZEMQ4wDAYDVQQDDAVQUklWWDAeFw0yMjA1MTkwODUyMjlaFw0yMzA1MTQwODUy\nMjlaMD8xCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlTU0hDT01TRUMxDDAKBgNVBAsM\nA1ImRDEOMAwGA1UEAwwFUFJJVlgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCiimR+7GIMpwHdcZPdOUXXh3IFRMly3M7zQ7aJfr0ZXNxdzH9MVWjwnV/x\nABLEdpbzDkbIvI1UyNzSWGgoz1M+tvlE3/BdyF8EJFjEy7nuxVy8PV7slHnzoQt5\ntfXbTpkv3+PJ4UrjBWNo/FwFuEIRv8bDV1xLGW3RKh5yicK/bJGxFXHFAIe/3UcC\n+DZLXu4Lcr8DFTiA6gbOUr90RiLpPO0qKYqG7GQ0VxP2XmAMhahBBcs8LE3trKon\nrQwHD83x6xuCuABh8Y+A4RadENjn1oC44zNUGVFUWesFFT6lWUg1wN6ezUNpk/wO\n63uB1pmzx8lDwqa9+thCb244UKcLAgMBAAGjUzBRMB0GA1UdDgQWBBRs5UC6jHc0\nuqp1ABqZrONLE1Rv1TAfBgNVHSMEGDAWgBRs5UC6jHc0uqp1ABqZrONLE1Rv1TAP\nBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA8lbh+wEJKZlEVtIJ/\nwswLjwnzXc0MxGJL7/zVAfn1XKN+igAhKFUK13tziRjM68/Qbe9ckr2VRmvNLOxE\nALsPx0poKruAMWuu3p1JHNjm3MrLRsC/K+Fogi1r1RiSoyZFBS2HVl+5hDbtW2bx\nUEm1dqYzELyAnjuIJFN1gZwMQP3abHuGQnmIF0nNHyNMBVU64i5mHuSulCY+pGur\nx93kOQNESHRGoYhCQwYJSI03BfcIRrv5BPCd98tpSfNXgoOga1vFSb1AwiWpq/zL\nu5z8eBbsLf9xmkylqMNZbZWsJFMv0r43cLA87Qo848YsJYpk51iIOZgGR6xTQF0+\nQ+M6\n-----END CERTIFICATE-----\n"
x5u_tls_trust_anchorstringTrust anchor for TLS server certificates used when fetching X.509 certificates or public keys from x5u urls. If not specified then system trust anchors will be used.
- Format
- PEM certificate or certificate chain
- Example
- "-----BEGIN CERTIFICATE-----\nMIIDIzCCAgugAwIBAgIUV19HtBxY1nF7nfgk9X/YIyba4XEwDQYJKoZIhvcNAQEL\nBQAwITELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzAeFw0yMjA1MTkx\nMjI0NDhaFw0yMzA1MTkxMjI0NDhaMCExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlT\nU0hDT01TRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtsoOmkZ7L\nPqTwPvhbMItewr92kY6HfityYmQ5gCHp6T03X6jvhiZYNM0FuhhGYHr9RNnBEuTB\nU1eKYgb59lUsLtNWAxy1D2riQ4/2P2jU6ldSEUrzAHQ0tYlkGAWecpzh601XBE9f\nBde1kDPzw5qdUGIt8oLTCaY0FydBHNOopxvbpO7kJGAxA8jsYrmvXaglMBSmChPg\nrubfTp1D07VuRDAJEQW9kwYWbO9PSSRGsGsg2ZQRpJpvqLzLb7iBjG68kJik+zBA\nYT4AkjItf71XvkzI+X18Rn4RuaYgKXUX5S1BVGy6JqbC+Zd6X/sJBsxx3h67RG8/\nbrOr2h86bgJ/AgMBAAGjUzBRMB0GA1UdDgQWBBT3gsAZ1c+rjewKAhZ/y/yHjC2w\nhjAfBgNVHSMEGDAWgBT3gsAZ1c+rjewKAhZ/y/yHjC2whjAPBgNVHRMBAf8EBTAD\nAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAQjNPfE7oTbYY8eqv9NoEB/OUD3VJRHFVT\nffYIag8/X1pz3lG1hYBy2XXSw4+1XDOH9Rgf+Ol78Sbse38ciVoZkwotkInJjdat\n6x5keBNdSQj97/Ec0xPZeM6ArTeajl12qlvgZUjUhz3xKdNwmbsBKGL+YdgMeOBg\nzyRcqMvynOH3KlxYyXbiEtx+Sw3FQflKZ+VZhlmmplsgnqk9YOByX6DZlP5thI2C\nPew6jTFHtJosa7G5l3V8qwQc1KXYkPIUr6yMOZhxrHuqZR+QuujXb4CFe8idHmgF\nTDfPuHLK9IAd4MfPxVwMhvvWezbYAnqojCF73n4k6KLKXH262s7s\n-----END CERTIFICATE-----\n"
x5u_prefixstringThe url in the token's x5u claim must start with the x5u_prefix or it will be rejected. x5u_prefix must be a valid https url. Required if public_key_method is "x5u-publickey".
- Format
- uri
- Example
- "https://privx.io/token-issuer"
enabledbooleanEnable/Disable Identity Provider
users_directorystringrequired
ID of the PrivX user directory from which the users are resolved by token's sub claim. OIDC user directories are not supported.
- Format
- uuid
authorstringIdentity Provider Author
- Format
- uuid
createdstringCreation time
- Format
- date-time
updatedstringTime of the last update
- Format
- date-time
updated_bystringID of the user who last updated the identity provider
Responses
Request examples
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "Acme identity provider",
"token_type": "JWT",
"jwt_issuer": "acme",
"jwt_audience": "privx",
"jwt_subject_type": "dn",
"jwt_subject_dn_username_attribute": "cn",
"custom_attributes": [
{
"field_name": "email",
"type": "string_pattern",
"expected_value": "*@privx.io"
},
{
"field_name": "instances",
"type": "ip_range",
"start": "192.168.3.1",
"end": "192.168.3.254"
},
{
"field_name": "instances",
"type": "ip_client"
},
{
"field_name": "uid",
"type": "numeric_range",
"start": "1001",
"end": "65535"
}
],
"public_key_method": "static",
"public_keys": [
{
"key_id": "key-1",
"comment": "string",
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoopkfuxiDKcB3XGT3TlF\n14dyBUTJctzO80O2iX69GVzcXcx/TFVo8J1f8QASxHaW8w5GyLyNVMjc0lhoKM9T\nPrb5RN/wXchfBCRYxMu57sVcvD1e7JR586ELebX1206ZL9/jyeFK4wVjaPxcBbhC\nEb/Gw1dcSxlt0SoeconCv2yRsRVxxQCHv91HAvg2S17uC3K/AxU4gOoGzlK/dEYi\n6TztKimKhuxkNFcT9l5gDIWoQQXLPCxN7ayqJ60MBw/N8esbgrgAYfGPgOEWnRDY\n59aAuOMzVBlRVFnrBRU+pVlINcDens1DaZP8Dut7gdaZs8fJQ8KmvfrYQm9uOFCn\nCwIDAQAB\n-----END PUBLIC KEY-----\n"
}
],
"x5u_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDXzCCAkegAwIBAgIUKDzwc7wsPLlP4YVLEZDAme2lDUUwDQYJKoZIhvcNAQEL\nBQAwPzELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzEMMAoGA1UECwwD\nUiZEMQ4wDAYDVQQDDAVQUklWWDAeFw0yMjA1MTkwODUyMjlaFw0yMzA1MTQwODUy\nMjlaMD8xCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlTU0hDT01TRUMxDDAKBgNVBAsM\nA1ImRDEOMAwGA1UEAwwFUFJJVlgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCiimR+7GIMpwHdcZPdOUXXh3IFRMly3M7zQ7aJfr0ZXNxdzH9MVWjwnV/x\nABLEdpbzDkbIvI1UyNzSWGgoz1M+tvlE3/BdyF8EJFjEy7nuxVy8PV7slHnzoQt5\ntfXbTpkv3+PJ4UrjBWNo/FwFuEIRv8bDV1xLGW3RKh5yicK/bJGxFXHFAIe/3UcC\n+DZLXu4Lcr8DFTiA6gbOUr90RiLpPO0qKYqG7GQ0VxP2XmAMhahBBcs8LE3trKon\nrQwHD83x6xuCuABh8Y+A4RadENjn1oC44zNUGVFUWesFFT6lWUg1wN6ezUNpk/wO\n63uB1pmzx8lDwqa9+thCb244UKcLAgMBAAGjUzBRMB0GA1UdDgQWBBRs5UC6jHc0\nuqp1ABqZrONLE1Rv1TAfBgNVHSMEGDAWgBRs5UC6jHc0uqp1ABqZrONLE1Rv1TAP\nBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA8lbh+wEJKZlEVtIJ/\nwswLjwnzXc0MxGJL7/zVAfn1XKN+igAhKFUK13tziRjM68/Qbe9ckr2VRmvNLOxE\nALsPx0poKruAMWuu3p1JHNjm3MrLRsC/K+Fogi1r1RiSoyZFBS2HVl+5hDbtW2bx\nUEm1dqYzELyAnjuIJFN1gZwMQP3abHuGQnmIF0nNHyNMBVU64i5mHuSulCY+pGur\nx93kOQNESHRGoYhCQwYJSI03BfcIRrv5BPCd98tpSfNXgoOga1vFSb1AwiWpq/zL\nu5z8eBbsLf9xmkylqMNZbZWsJFMv0r43cLA87Qo848YsJYpk51iIOZgGR6xTQF0+\nQ+M6\n-----END CERTIFICATE-----\n",
"x5u_tls_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDIzCCAgugAwIBAgIUV19HtBxY1nF7nfgk9X/YIyba4XEwDQYJKoZIhvcNAQEL\nBQAwITELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzAeFw0yMjA1MTkx\nMjI0NDhaFw0yMzA1MTkxMjI0NDhaMCExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlT\nU0hDT01TRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtsoOmkZ7L\nPqTwPvhbMItewr92kY6HfityYmQ5gCHp6T03X6jvhiZYNM0FuhhGYHr9RNnBEuTB\nU1eKYgb59lUsLtNWAxy1D2riQ4/2P2jU6ldSEUrzAHQ0tYlkGAWecpzh601XBE9f\nBde1kDPzw5qdUGIt8oLTCaY0FydBHNOopxvbpO7kJGAxA8jsYrmvXaglMBSmChPg\nrubfTp1D07VuRDAJEQW9kwYWbO9PSSRGsGsg2ZQRpJpvqLzLb7iBjG68kJik+zBA\nYT4AkjItf71XvkzI+X18Rn4RuaYgKXUX5S1BVGy6JqbC+Zd6X/sJBsxx3h67RG8/\nbrOr2h86bgJ/AgMBAAGjUzBRMB0GA1UdDgQWBBT3gsAZ1c+rjewKAhZ/y/yHjC2w\nhjAfBgNVHSMEGDAWgBT3gsAZ1c+rjewKAhZ/y/yHjC2whjAPBgNVHRMBAf8EBTAD\nAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAQjNPfE7oTbYY8eqv9NoEB/OUD3VJRHFVT\nffYIag8/X1pz3lG1hYBy2XXSw4+1XDOH9Rgf+Ol78Sbse38ciVoZkwotkInJjdat\n6x5keBNdSQj97/Ec0xPZeM6ArTeajl12qlvgZUjUhz3xKdNwmbsBKGL+YdgMeOBg\nzyRcqMvynOH3KlxYyXbiEtx+Sw3FQflKZ+VZhlmmplsgnqk9YOByX6DZlP5thI2C\nPew6jTFHtJosa7G5l3V8qwQc1KXYkPIUr6yMOZhxrHuqZR+QuujXb4CFe8idHmgF\nTDfPuHLK9IAd4MfPxVwMhvvWezbYAnqojCF73n4k6KLKXH262s7s\n-----END CERTIFICATE-----\n",
"x5u_prefix": "https://privx.io/token-issuer",
"enabled": true,
"users_directory": "5bf77342-221c-11ee-be56-0242ac120002",
"author": "5bf77342-221c-11ee-be56-0242ac120002",
"created": "2023-06-07T17:32:28Z",
"updated": "2023-06-07T17:32:28Z",
"updated_by": "string"
}Response examples
Identity Provider successfully updated
Empty response
delete
/role-store/api/v1/identity-providers/{id}Delete Identity Provider by ID.
idstringrequired
Identity Provider ID
Responses
Response examples
Identity Provider Successfully deleted
Empty response
post
/role-store/api/v1/identity-providers/searchSearch Identity Providers.
keywordsstringcomma or space separated list of search keywords
Responses
Request examples
{
"keywords": "string"
}Response examples
Successful response, returns a list of Identity Providers
{
"count": 123,
"items": [
{
"id": "5bf77342-221c-11ee-be56-0242ac120002",
"name": "Acme identity provider",
"token_type": "JWT",
"jwt_issuer": "acme",
"jwt_audience": "privx",
"jwt_subject_type": "dn",
"jwt_subject_dn_username_attribute": "cn",
"custom_attributes": [
{
"field_name": "email",
"type": "string_pattern",
"expected_value": "*@privx.io"
},
{
"field_name": "instances",
"type": "ip_range",
"start": "192.168.3.1",
"end": "192.168.3.254"
},
{
"field_name": "instances",
"type": "ip_client"
},
{
"field_name": "uid",
"type": "numeric_range",
"start": "1001",
"end": "65535"
}
],
"public_key_method": "static",
"public_keys": [
{
"key_id": "key-1",
"comment": "string",
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoopkfuxiDKcB3XGT3TlF\n14dyBUTJctzO80O2iX69GVzcXcx/TFVo8J1f8QASxHaW8w5GyLyNVMjc0lhoKM9T\nPrb5RN/wXchfBCRYxMu57sVcvD1e7JR586ELebX1206ZL9/jyeFK4wVjaPxcBbhC\nEb/Gw1dcSxlt0SoeconCv2yRsRVxxQCHv91HAvg2S17uC3K/AxU4gOoGzlK/dEYi\n6TztKimKhuxkNFcT9l5gDIWoQQXLPCxN7ayqJ60MBw/N8esbgrgAYfGPgOEWnRDY\n59aAuOMzVBlRVFnrBRU+pVlINcDens1DaZP8Dut7gdaZs8fJQ8KmvfrYQm9uOFCn\nCwIDAQAB\n-----END PUBLIC KEY-----\n"
}
],
"x5u_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDXzCCAkegAwIBAgIUKDzwc7wsPLlP4YVLEZDAme2lDUUwDQYJKoZIhvcNAQEL\nBQAwPzELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzEMMAoGA1UECwwD\nUiZEMQ4wDAYDVQQDDAVQUklWWDAeFw0yMjA1MTkwODUyMjlaFw0yMzA1MTQwODUy\nMjlaMD8xCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlTU0hDT01TRUMxDDAKBgNVBAsM\nA1ImRDEOMAwGA1UEAwwFUFJJVlgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCiimR+7GIMpwHdcZPdOUXXh3IFRMly3M7zQ7aJfr0ZXNxdzH9MVWjwnV/x\nABLEdpbzDkbIvI1UyNzSWGgoz1M+tvlE3/BdyF8EJFjEy7nuxVy8PV7slHnzoQt5\ntfXbTpkv3+PJ4UrjBWNo/FwFuEIRv8bDV1xLGW3RKh5yicK/bJGxFXHFAIe/3UcC\n+DZLXu4Lcr8DFTiA6gbOUr90RiLpPO0qKYqG7GQ0VxP2XmAMhahBBcs8LE3trKon\nrQwHD83x6xuCuABh8Y+A4RadENjn1oC44zNUGVFUWesFFT6lWUg1wN6ezUNpk/wO\n63uB1pmzx8lDwqa9+thCb244UKcLAgMBAAGjUzBRMB0GA1UdDgQWBBRs5UC6jHc0\nuqp1ABqZrONLE1Rv1TAfBgNVHSMEGDAWgBRs5UC6jHc0uqp1ABqZrONLE1Rv1TAP\nBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA8lbh+wEJKZlEVtIJ/\nwswLjwnzXc0MxGJL7/zVAfn1XKN+igAhKFUK13tziRjM68/Qbe9ckr2VRmvNLOxE\nALsPx0poKruAMWuu3p1JHNjm3MrLRsC/K+Fogi1r1RiSoyZFBS2HVl+5hDbtW2bx\nUEm1dqYzELyAnjuIJFN1gZwMQP3abHuGQnmIF0nNHyNMBVU64i5mHuSulCY+pGur\nx93kOQNESHRGoYhCQwYJSI03BfcIRrv5BPCd98tpSfNXgoOga1vFSb1AwiWpq/zL\nu5z8eBbsLf9xmkylqMNZbZWsJFMv0r43cLA87Qo848YsJYpk51iIOZgGR6xTQF0+\nQ+M6\n-----END CERTIFICATE-----\n",
"x5u_tls_trust_anchor": "-----BEGIN CERTIFICATE-----\nMIIDIzCCAgugAwIBAgIUV19HtBxY1nF7nfgk9X/YIyba4XEwDQYJKoZIhvcNAQEL\nBQAwITELMAkGA1UEBhMCRkkxEjAQBgNVBAoMCVNTSENPTVNFQzAeFw0yMjA1MTkx\nMjI0NDhaFw0yMzA1MTkxMjI0NDhaMCExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlT\nU0hDT01TRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtsoOmkZ7L\nPqTwPvhbMItewr92kY6HfityYmQ5gCHp6T03X6jvhiZYNM0FuhhGYHr9RNnBEuTB\nU1eKYgb59lUsLtNWAxy1D2riQ4/2P2jU6ldSEUrzAHQ0tYlkGAWecpzh601XBE9f\nBde1kDPzw5qdUGIt8oLTCaY0FydBHNOopxvbpO7kJGAxA8jsYrmvXaglMBSmChPg\nrubfTp1D07VuRDAJEQW9kwYWbO9PSSRGsGsg2ZQRpJpvqLzLb7iBjG68kJik+zBA\nYT4AkjItf71XvkzI+X18Rn4RuaYgKXUX5S1BVGy6JqbC+Zd6X/sJBsxx3h67RG8/\nbrOr2h86bgJ/AgMBAAGjUzBRMB0GA1UdDgQWBBT3gsAZ1c+rjewKAhZ/y/yHjC2w\nhjAfBgNVHSMEGDAWgBT3gsAZ1c+rjewKAhZ/y/yHjC2whjAPBgNVHRMBAf8EBTAD\nAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAQjNPfE7oTbYY8eqv9NoEB/OUD3VJRHFVT\nffYIag8/X1pz3lG1hYBy2XXSw4+1XDOH9Rgf+Ol78Sbse38ciVoZkwotkInJjdat\n6x5keBNdSQj97/Ec0xPZeM6ArTeajl12qlvgZUjUhz3xKdNwmbsBKGL+YdgMeOBg\nzyRcqMvynOH3KlxYyXbiEtx+Sw3FQflKZ+VZhlmmplsgnqk9YOByX6DZlP5thI2C\nPew6jTFHtJosa7G5l3V8qwQc1KXYkPIUr6yMOZhxrHuqZR+QuujXb4CFe8idHmgF\nTDfPuHLK9IAd4MfPxVwMhvvWezbYAnqojCF73n4k6KLKXH262s7s\n-----END CERTIFICATE-----\n",
"x5u_prefix": "https://privx.io/token-issuer",
"enabled": true,
"users_directory": "5bf77342-221c-11ee-be56-0242ac120002",
"author": "5bf77342-221c-11ee-be56-0242ac120002",
"created": "2023-06-07T17:32:28Z",
"updated": "2023-06-07T17:32:28Z",
"updated_by": "string"
}
]
}Was this page helpful?