Updates the OpenID Connect federation configuration.

Modify federation settings for this tenant.

Entitlements required: manageFederations (Manage federations)

Body Params

Federation settings

string
required

Host name used for the JWT issuer. It must be the tenant host name or one of the vanity host names. The full issuer string will be https://{issuerHostname}/oidc/endpoint/default

object
required
boolean

Add extended attributes to the 'ext' claim in ID token or user info.

int32

Time skew for JWT 'iat', 'exp' and 'nbf' validation in seconds. Maximum 300, minimum 0. Default is 0.

object
object
object

Top level attributes for well-known endpoint to override the existing attribute.

boolean

Setting to exclude 'x5c' in JWKS.

boolean

Setting to exclude 'x5t' and 'x5t#S256' in JWKS.

string

Base URL for MTLS endpoints. This must include the protocol scheme like https.

string

Default signing key for JWT.

string

Default encryption key for JWT.

object
string

Refresh token fault tolerance option.

object
string

Options to exchange token for SSO session. When this is not set, token exchange for SSO session will be allowed.

Responses
204

The federation configuration was updated.

403

Access was forbidden.

Language
URL
Choose an example:
*/*