tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Cloud Access Management
    Documentation
    Download PDF

    CreateUserOIDCConfig

    Last updated: 2022-04-07 10:27:19
    Download PDF

    1. API Description

    Domain name for API request: cam.tencentcloudapi.com.

    This API is used to create a user OIDC configuration. Only one user OIDC IdP can be created, and the user SAML SSO IdP will be automatically disabled after it is created.

    A maximum of 20 requests can be initiated per second for this API.

    We recommend you to use API Explorer
    Try it
    API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

    2. Input Parameters

    The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
    This document describes the parameters for Signature V1. It's recommended to use the V3 signature, which provides higher security. Note that for Signature V3, the common parameters need to be placed in the HTTP Header. See details.

    Parameter Name Required Type Description
    Action Yes String Common parameter. The value used for this API: CreateUserOIDCConfig.
    Version Yes String Common parameter. The value used for this API: 2019-01-16.
    Region No String Common parameter. This parameter is not required for this API.
    IdentityUrl Yes String OpenID Connect IdP URL.
    It corresponds to the value of the issuer field in the Openid-configuration provided by the enterprise IdP.
    IdentityKey Yes String Signature public key, which is used to verify the OpenID Connect IdP's ID token and must be Base64-encoded. For the security of your account, we recommend you rotate it regularly.
    ClientId Yes String Client ID registered with the OpenID Connect IdP.
    AuthorizationEndpoint Yes String OpenID Connect IdP authorization endpoint. It corresponds to the value of the authorization_endpoint field in the Openid-configuration provided by the enterprise IdP.
    ResponseType Yes String Authorization response type, which is always id_token.
    ResponseMode Yes String Authorization response mode. Valid values: form_post (recommended); fragment.
    MappingFiled Yes String Mapping field name. It indicates which field in the id_token of the IdP is mapped to the username of a sub-user. It is usually the sub or name field
    Scope.N No Array of String Authorization information scope. Valid values: openid (default); email; profile.
    Description No String Description

    3. Output Parameters

    Parameter Name Type Description
    RequestId String The unique request ID, which is returned for each request. RequestId is required for locating a problem.

    4. Example

    Example1 Adding user OIDC configuration

    Input Example

    POST / HTTP/1.1
Host: cam.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: CreateUserOIDCConfig
<Common request parameters>

{
    "ResponseType": "id_token",
    "IdentityUrl": "https://tencent.auth***.cn/",
    "ResponseMode": "form_post",
    "Description": "Test",
    "IdentityKey": "ewogICAgImtleXMiOiBbCi******",
    "ClientId": "61adcf00620c31e3***",
    "MappingFiled": "sub",
    "AuthorizationEndpoint": "https://tencent.auth**.cn",
    "Scope": [
        "openidScope.1"
    ]
}

    Output Example

    {
  "Response": {
    "RequestId": "8a70d447-3c04-43c0-94ca-db899d4d05ac"
  }
}

    5. Developer Resources

    SDK

    TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

    Command Line Interface

    6. Error Code

    The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

    Error Code Description
    InvalidParameter Incorrect parameter.
    InvalidParameter.IdentityNameInUse Identity provider name already in use.
    InvalidParameterValue.IdentityKeyError The OIDC signature public key is incorrect.
    InvalidParameterValue.IdentityUrlError The IdP URL is incorrect.
    InvalidParameterValue.MetadataError Identity provider metadata document error.
    InvalidParameterValue.NameError Identity provider name error.
    LimitExceeded.IdentityFull Limit on number of identity providers reached.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Contact Us
    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    Submit a Ticket
    7x24 Phone Support
    tencent
    Copyright © 2013-2022 Tencent Cloud. All Rights Reserved.
    Privacy PolicyLegalCookie Policy