provider Sso PUT /v1/b2b/sso/oidc/{organization_id}/connections/{connection_id}
@utdk/stytch /v1/b2b/sso/oidc/{organization_id}/connections/{connection_id}
Updateconnection
Updates an existing OIDC connection. When the value of `issuer` changes, Stytch will attempt to retrieve the [OpenID Provider Metadata](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata) document found at `$/.well-known/openid-configuration`. If the metadata document can be retrieved successfully, Stytch will use it to infer the values of `authorization_url`, `token_url`, `jwks_url`, and `userinfo_url`. The `client_id` and `client_secret` values cannot be inferred from the metadata document, and *must* be passed in explicitly. If the metadata document cannot be retrieved, Stytch will still update the connection using values from the request body. If the metadata document can be retrieved, and values are passed in the request body, the explicit values passed in from the request body will take precedence over the values inferred from the metadata document. Note that a newly created connection will not become active until all of the following fields are provided: * `issuer` * `client_id` * `client_secret` * `authorization_url` * `token_url` * `userinfo_url` * `jwks_url`
organization_id path required
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
string
connection_id path required
Globally unique UUID that identifies a specific SSO `connection_id` for a Member.
string
X-Stytch-Member-Session header
A Stytch session that can be used to run the request with the given member's permissions.
string
X-Stytch-Member-SessionJWT header
A Stytch Session JSON Web Token (JWT) that can be used to run the request with the given member's permissions.
string

Try it

Authentication
Configure credentials for Stytch API
Gateway
The gateway proxies requests and injects credentials server-side. Configure credentials above, then enter your gateway URL.

Saved automatically to browser storage.

apiSsoV1SsoOidcUpdateconnection
PUT/v1/b2b/sso/oidc/{organization_id}/connections/{connection_id}
Updates an existing OIDC connection. When the value of `issuer` changes, Stytch will attempt to retrieve the [OpenID Provider Metadata](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata) document found at `$/.well-known/openid-configuration`. If the metadata document can be retrieved successfully, Stytch will use it to infer the values of `authorization_url`, `token_url`, `jwks_url`, and `userinfo_url`. The `client_id` and `client_secret` values cannot be inferred from the metadata document, and *must* be passed in explicitly. If the metadata document cannot be retrieved, Stytch will still update the connection using values from the request body. If the metadata document can be retrieved, and values are passed in the request body, the explicit values passed in from the request body will take precedence over the values inferred from the metadata document. Note that a newly created connection will not become active until all of the following fields are provided: * `issuer` * `client_id` * `client_secret` * `authorization_url` * `token_url` * `userinfo_url` * `jwks_url`

Parameters

required

Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.

required

Globally unique UUID that identifies a specific SSO `connection_id` for a Member.

Input

A human-readable display name for the connection.

The OAuth2.0 client ID used to authenticate login attempts. This will be provided by the IdP.

The secret belonging to the OAuth2.0 client used to authenticate login attempts. This will be provided by the IdP.

A case-sensitive `https://` URL that uniquely identifies the IdP. This will be provided by the IdP.

The location of the URL that starts an OAuth login at the IdP. This will be provided by the IdP.

The location of the URL that issues OAuth2.0 access tokens and OIDC ID tokens. This will be provided by the IdP.

The location of the IDP's [UserInfo Endpoint](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo). This will be provided by the IdP.

The location of the IdP's JSON Web Key Set, used to verify credentials issued by the IdP. This will be provided by the IdP.

Include a space-separated list of custom scopes that you'd like to include. Note that this list must be URL encoded, e.g. the spaces must be expressed as %20.

An object that represents the attributes used to identify a Member. This object will map the IdP-defined User attributes to Stytch-specific values, which will appear on the member's Trusted Metadata.

Enter a gateway URL above to enable sending.

Code snippet
Updates live as you fill in the form above.

TypeScript

import stytch from '@utdk/stytch';

await stytch.apiSsoV1SsoOidcUpdateconnection()