Create or update SSO per tenant configuration

Single Sign-On Overview

Frontegg’s Single Sign-On (SSO) enables users to sign in using their existing credentials, removing the need to create new usernames and passwords specifically for your application.

Our SSO solution supports two popular protocols: SAML and OpenID Connect (OIDC). These protocols facilitate user authentication across multiple applications and can be configured via Frontegg’s Management Portal or the Self-Service menu within your application.

This section lists all relevant API endpoints, organized into Management and Self-Service categories:

Management Endpoints: Require environment-level authorization and provide comprehensive control over SSO (SAML and OIDC) resources.

Self-Service Endpoints: Accessible with a user token (JWT), allowing users with appropriate permissions to create, update, and delete SSO connections on their accounts.

Download OpenAPI description

Users, Auth and Security

Servers

EU Region

https://api.frontegg.com/team/

US Region

https://api.us.frontegg.com/team/

CA Region

https://api.ca.frontegg.com/team/

AU Region

https://api.au.frontegg.com/team/

Frontegg sub-domain for use with user tokens

https://{domain}.frontegg.com/team/

SSO Settings

Operations

Get SSO per tenant configuration

Request

Get SSO per tenant configuration

curl -i -X GET \
  https://api.frontegg.com/team/resources/sso/v1/configurations/multiple-sso-per-domain

Responses

Create or update SSO per tenant configuration

Request

Create or update SSO per tenant configuration

Bodyapplication/jsonrequired

unspecifiedTenantStrategystringrequired

activebooleanrequired

useActiveTenantbooleanrequired

curl -i -X PUT \
  https://api.frontegg.com/team/resources/sso/v1/configurations/multiple-sso-per-domain \
  -H 'Content-Type: application/json' \
  -d '{
    "unspecifiedTenantStrategy": "string",
    "active": true,
    "useActiveTenant": true
  }'

Responses

Configure OIDC

Request

Configure OIDC

Bodyapplication/jsonrequired

activebooleanrequired

redirectUristring

Redirect URI that the user will be redirected. Should match the redirect URI you set on your application. Leave it empty if you didn't change it on your application

curl -i -X POST \
  https://api.frontegg.com/team/resources/sso/v1/oidc/configurations \
  -H 'Content-Type: application/json' \
  -d '{
    "active": true,
    "redirectUri": "string"
  }'

Responses

SAML Configurations Details

Operations

OIDC Configurations Details

Operations

SSO Configurations

Operations

Single Sign-On Overview

SSO Settings

Get SSO per tenant configuration

Request

Responses

How useful was this page?

Create or update SSO per tenant configuration

Request

Responses

How useful was this page?

Configure OIDC

Request

Responses

How useful was this page?

SAML Configurations Details

OIDC Configurations Details

SSO Configurations