Documentation Index

Fetch the complete documentation index at: https://api.ncloud-docs.com/llms.txt

Use this file to discover all available pages before exploring further.

Get tenant

Prev Next

Available in Classic and VPC

Get tenant details.

Request

This section describes the request format. The method and URI are as follows:

Method URI
GET /api/v1/tenant

Request headers

For information about the headers common to all Ncloud Single Sign-On APIs, see Ncloud Single Sign-On request headers.

Request example

The request example is as follows:

curl --location --request GET 'https://sso.apigw.ntruss.com/api/v1/tenant' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field Type Required Description
tenantId String - Tenant ID
tenantAlias String - Tenant alias
mbrLoginAllow String - Whether to allow main account login
  • UNUSED | ALLOW | DENY
    • UNUSED: Follow settings for each application
    • ALLOW: allow
    • DENY: deny
idleSessionExpDuration Integer - Session expiration time of logged in external account (second)
  • 600 | 1800 | 3600 | 10800
multipleLoginAllowed Boolean - Whether to allow duplicate login
  • true | false
    • true: allow
    • false: not allow
  • If duplicate logins are not allowed, only one session per SSO role can be connected.
organizationEnabled Boolean - Organization integration status
  • true | false
    • true: integration completed
    • false: integration disabled
organizationEnabledAt String - Organization integration date and time
  • ISO 8601 format
protocols Array - Supported protocols
applicationTypeSupported Array - Application type
oauth2 Object - OAuth 2.0 information
oauth2.grantTypeSupported Array - Authorization method
  • authorization_code | refresh_token | implicit
    • authorization_code: Issue access token with self-generated authorization code.
    • refresh_token: Issue new access token without re-login after the access token expires.
    • implicit: Issue access token directly without authorization code. It is optimized for client environments where it is difficult to securely store credentials.
oauth2.responseTypeSupported Array - Response type supported by OAuth 2.0 and OpenID Connect protocols
oauth2.scopeSupported Array - Application accessible information range
  • profile | openid | groups | email
    • profile: account type, login ID, unique member identifier, username
    • openid: account type, login ID, unique member identifier, username
    • groups: account type, login ID, unique member identifier, username, group
    • email: account type, login ID, unique member identifier, username, email
oauth2.clientAuthMethodSupported Array - Application authentication method
  • client_secret_basic | client_secret_post | none
    • client_secret_basic: Client credentials are passed as HTTP basic authentication header.
    • client_secret_post: Client ID and secret are included in the POST request body.
    • none: no authentication
oauth2.accessTypeSupported Array - Application access method
  • confidential | public
    • confidential: Access after authentication with client ID and secret.
    • public: Access after authentication with client ID.
isIdpExist Boolean - Whether to create external IdP
  • true | false
    • true: create
    • false: not create
createdAt String - Tenant creation date and time
  • ISO 8601 format
possessionAuthenticationEnabled Boolean - Whether to apply occupancy authentication
  • true | false
    • true: apply
    • false: not apply
  • When applying occupancy authentication, SSO users can register and manage their verified email/SMS information within the NAVER Cloud Platform.
possessionAuthenticationTypes Array - Occupancy authentication method type
  • SMS | Email
    • SMS: SMS
    • Email: email
multiFactorAuthenticationEnabled Boolean - Whether to apply two-factor authentication
  • true | false
    • true: apply
    • false: not apply

Response status codes

For information about the response status codes common to all Ncloud Single Sign-On APIs, see Ncloud Single Sign-On response status codes.

Response example

The response example is as follows:

{
    "tenantId": "bc1fb745-****-****-****-9fc9f7c16369",
    "tenantAlias": "bc1fb745-****-****-****-9fc9f7c16369",
    "mbrLoginAllow": "UNUSED",
    "idleSessionExpDuration": 600,
    "multipleLoginAllowed": true,
    "organizationEnabled": true,
    "organizationEnabledAt": "2025-01-21T00:33:55Z",
    "protocols": [
        "OAUTH2"
    ],
    "applicationTypeSupported": [
        "app",
        "web"
    ],
    "oauth2": {
        "grantTypeSupported": [
            "authorization_code",
            "implicit",
            "refresh_token"
        ],
        "responseTypeSupported": [
            "code",
            "token",
            "id_token"
        ],
        "scopeSupported": [
            "profile",
            "openid",
            "groups",
            "email"
        ],
        "clientAuthMethodSupported": [
            "client_secret_basic"
        ],
        "accessTypeSupported": [
            "confidential"
        ]
    },
    "isIdpExist": true,
    "createdAt": "2025-01-20T00:33:55Z",
    "possessionAuthenticationEnabled": true,
    "possessionAuthenticationTypes": [
        "SMS"
    ],
    "multiFactorAuthenticationEnabled": true
}