Single sign-on module
/
SSO Configurations
/
Validate SSO domain

Single Sign-On Overview

Frontegg’s Single Sign-On (SSO) enables users to sign in using their existing credentials, removing the need to create new usernames and passwords specifically for your application.

Our SSO solution supports two popular protocols: SAML and OpenID Connect (OIDC). These protocols facilitate user authentication across multiple applications and can be configured via Frontegg’s Management Portal or the Self-Service menu within your application.

This section lists all relevant API endpoints, organized into Management and Self-Service categories:

Management Endpoints: Require environment-level authorization and provide comprehensive control over SSO (SAML and OIDC) resources.

Self-Service Endpoints: Accessible with a user token (JWT), allowing users with appropriate permissions to create, update, and delete SSO connections on their accounts.

Download OpenAPI description
Users, Auth and Security
Single Sign-On
SCIM Provisioning
Entitlements
Entitlements Agent
Accounts (Tenants)
Languages
Servers
EU Region

https://api.frontegg.com/team/

US Region

https://api.us.frontegg.com/team/

CA Region

https://api.ca.frontegg.com/team/

AU Region

https://api.au.frontegg.com/team/

Frontegg sub-domain for use with user tokens

https://{domain}.frontegg.com/team/

SSO Settings

Operations

SAML Configurations Details

Operations

OIDC Configurations Details

Operations

SSO Configurations

Operations

Validate SSO domain by email

Request

Validate SSO using user's email domain

Path
configurationIdstringrequired
domainIdstringrequired
Headers
frontegg-tenant-idstringrequired

The tenant ID identifier

curl -i -X PUT \
  'https://api.frontegg.com/team/resources/sso/v1/configurations/{configurationId}/domains/{domainId}/validate/email' \
  -H 'frontegg-tenant-id: string'

Responses

Validate SSO domain

Request

Validate SSO domain

Path
configurationIdstringrequired
domainIdstringrequired
Headers
frontegg-tenant-idstringrequired

The tenant ID identifier

curl -i -X PUT \
  'https://api.frontegg.com/team/resources/sso/v2/configurations/{configurationId}/domains/{domainId}/validate' \
  -H 'frontegg-tenant-id: string'

Responses

Set SSO default roles

Request

Set SSO default roles

Path
configurationIdstringrequired
Headers
frontegg-tenant-idstringrequired

The tenant ID identifier

Bodyapplication/jsonrequired
roleIdsArray of stringsrequired
curl -i -X PUT \
  'https://api.frontegg.com/team/resources/sso/v1/configurations/{configurationId}/roles' \
  -H 'Content-Type: application/json' \
  -H 'frontegg-tenant-id: string' \
  -d '{
    "roleIds": [
      "string"
    ]
  }'

Responses