UpdateIdentityProvider
Updates the identity provider.
Request Syntax
PATCH /identityProviders/identityProviderArn+ HTTP/1.1
Content-type: application/json
{
"clientToken": "string",
"identityProviderDetails": {
"string" : "string"
},
"identityProviderName": "string",
"identityProviderType": "string"
}URI Request Parameters
The request uses the following URI parameters.
- identityProviderArn
-
The ARN of the identity provider.
Length Constraints: Minimum length of 20. Maximum length of 2048.
Pattern:
^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36}){2,}$Required: Yes
Request Body
The request accepts the following data in JSON format.
- clientToken
-
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token return the result from the original successful request.
If you do not specify a client token, one is automatically generated by the AWS SDK.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 512.
Required: No
- identityProviderDetails
-
The details of the identity provider. The following list describes the provider detail keys for each identity provider type.
-
For Google and Login with Amazon:
-
client_id -
client_secret -
authorize_scopes
-
-
For Facebook:
-
client_id -
client_secret -
authorize_scopes -
api_version
-
-
For Sign in with Apple:
-
client_id -
team_id -
key_id -
private_key -
authorize_scopes
-
-
For OIDC providers:
-
client_id -
client_secret -
attributes_request_method -
oidc_issuer -
authorize_scopes -
authorize_urlif not available from discovery URL specified byoidc_issuerkey -
token_urlif not available from discovery URL specified byoidc_issuerkey -
attributes_urlif not available from discovery URL specified byoidc_issuerkey -
jwks_uriif not available from discovery URL specified byoidc_issuerkey
-
-
For SAML providers:
-
MetadataFileORMetadataURL -
IDPSignout(boolean) optional -
IDPInit(boolean) optional -
RequestSigningAlgorithm(string) optional - Only acceptsrsa-sha256 -
EncryptedResponses(boolean) optional
-
Type: String to string map
Key Length Constraints: Minimum length of 0. Maximum length of 131072.
Key Pattern:
^[\s\S]*$Value Length Constraints: Minimum length of 0. Maximum length of 131072.
Value Pattern:
^[\s\S]*$Required: No
-
- identityProviderName
-
The name of the identity provider.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 32.
Pattern:
^[^_][\p{L}\p{M}\p{S}\p{N}\p{P}][^_]+$Required: No
- identityProviderType
-
The type of the identity provider.
Type: String
Valid Values:
SAML | Facebook | Google | LoginWithAmazon | SignInWithApple | OIDCRequired: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"identityProvider": {
"identityProviderArn": "string",
"identityProviderDetails": {
"string" : "string"
},
"identityProviderName": "string",
"identityProviderType": "string"
}
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- identityProvider
-
The identity provider.
Type: IdentityProvider object
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
Access is denied.
HTTP Status Code: 403
- InternalServerException
-
There is an internal server error.
HTTP Status Code: 500
- ResourceNotFoundException
-
The resource cannot be found.
HTTP Status Code: 404
- ThrottlingException
-
There is a throttling error.
HTTP Status Code: 429
- ValidationException
-
There is a validation error.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
