Ncloud Single Sign-On overview
    • PDF

    Ncloud Single Sign-On overview

    • PDF

    Article Summary

    Available in Classic and VPC

    It provides an API that can manage Application, Tenant, External IDP, User, Group, Permission Set, and Assignment information.
    This API is RESTful API and uses HTTP GET/POST/PUT/DELETE methods.

    Operation

    Ncloud Single Sign-On provides Application, Tenant, External IDP, User, Group, PermissionSet, and Assignment operations.

    Application

    The list of APIs related to applications is as follows:

    APIDescription
    getApplicationsView application list
    getApplicationView a single application
    postApplicationCreate an application
    putApplicationEdit an application
    deleteApplicationDelete an application
    renewalClientSecret(Oauth2) Recreates Client Secret

    Tenant

    The list of APIs related to tenants is as follows:

    APIDescription
    getTenantView a tenant
    postTenantCreate a tenant
    putTenantEdit a tenant
    deleteTenantDelete a tenant

    External IDP

    The list of APIs related to external IDP is as follows:

    APIDescription
    postExternalIdPRegister an external IDP
    getExternalIdPView an external IDP
    deleteExternalIdPDelete an external IDP
    putExternalIdPEdit an external IDP
    modifyAttributeMapperEdit AttributeMapper
    getAttributeMapperView AttributeMapper
    parseExternalIdpMetadataParse external IDP metadata
    getSpMetadataView metadata of Ncloud Single Sign-On
    getSpUrldataView URL data of Ncloud Single Sign-On
    putLoginSettingSet external IDP login information
    postOrganizationConnect Organization

    User

    The list of APIs related to users is as follows:

    APIDescription
    postUserCreate a single user
    postUsersCreate users in batch
    putUserEdit users
    deleteUserDelete users
    deleteUsersDelete user list
    getUserView a single user
    getUsersView user list
    getUserAccessRuleView User AccessRule
    putUserAccessRuleEdit User AccessRule
    getUserProfileView user profile
    postUserToGroupAdd a user to a group
    getUserGroupsView the list of groups to which a user belongs
    getUserGroupView a single group to which a user belongs
    deleteUserFromGroupDelete a user from a group
    changeUserStatusChange user status
    getUserSessionView a user session
    expireUserSessionUser session expired
    getUserAssignmentsView the list of assignments to which a user belongs
    deleteUserFromAssignmentDelete a user from an assignment

    Group

    The list of APIs related to groups is as follows:

    APIDescription
    postGroupCreate a group
    getGroupsView the group list
    getUserView a single group
    putGroupEdit a group
    deleteGroupDelete a group
    deleteGroupsDelete the group list
    postGroupToUserAdd a group to a user
    getGroupUsersView the list of users belonging to a group
    getGroupAssignmentView the list of assignments to which a group belongs
    deleteGroupFromUserDelete a group from a user
    deleteGroupFromAssignmentDelete a group from an assignment

    PermissionSet

    The list of APIs related to PermissionSet is as follows:

    APIDescription
    postPermissionSetCreate a PermissionSet
    getPermissionSetsView the list of PermissionSets
    getPermissionSetView a single PermissionSet
    putPermissionSetEdit a PermissionSet
    deletePermissionSetDelete a PermissionSet
    deletePermissionSetsDelete the list of PermissionSets
    getPoliciesView the policy list that can be assigned to PermissionSet
    existsPolicyCheck whether a PermissionSet has policies
    deletePolicyFromPermissionSetDelete a policy in a PermissionSet
    validatePermissionSetNameCheck the pattern of a PermissionSet name and whether it's duplicate

    Assignment

    The list of APIs related to assignments is as follows:

    APIDescription
    postAssignmentCreate an assignment
    getAssignmentsView the assignment list
    getAssignmentView a single assignment
    putAssignmentEdit an assignment
    changeAssignmentStatusChange assignment status
    deleteAssignmentDelete an assignment
    getAssignmentTargetsView the list of assignment targets
    postAssignmentTargetsAdd an assignment target to an assignment
    deleteAssignmentTargetsDelete an assignment target
    getAssignmentExistsPolicyCheck if an assignment has a target policy
    getAssignmentByTargetTypeView the list of assignments matching TargetType
    getAccountsView account list

    Common settings

    API URL

    The API URL is as follows:

    https://sso.apigw.ntruss.com/api/v1
    

    Method

    The available methods are as follows:

    GET, POST, PUT, DELETE
    

    Header

    Request headers

    This section introduces commonly used request headers. Some request headers are common headers for Ncloud API. For more information, see Common Ncloud API headers. The following describes request headers.

    HeaderDescriptionType
    x-ncp-apigw-timestamp- This is the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 (UTC)
    - If the time difference compared to the API Gateway server is more than 5 minutes, the request is considered invalid
    Common Ncloud API headers
    x-ncp-iam-access-keyThe API key issued from NAVER Cloud Platform or AccessKey issued from IAMCommon Ncloud API headers
    x-ncp-apigw-signature-v2- Signature that encrypts the Body of the example above with the SecretKey mapped to AccessKey
    - HmacSHA256 is used as the HMAC encryption algorithm
    Common Ncloud API headers

    Common model

    ProcessResult

    Parameter nameRequiredTypeDescription
    successYBooleanProcess result
    idNStringCreation/editing result ID
    messageNStringResult message of processing
    • model
    ProcessResult {
      Boolean success;
      String id;
      String message;
    }
    
    • json
    {
      "id": "",
      "success": true
    }
    

    Errors

    The common errors used in Ncloud Single Sign-On API are listed below. For more information on the common errors used throughout the services, see NAVER Cloud Platform API.

    Parameter nameRequiredTypeDescription
    errorCodeYintError code
    messageYStringError message

    The following is an example of common errors syntax in Ncloud Single Sign-On API.

    • model
    ErrorResponse {
      int errorCode;
      String message;
    }
    
    • json
    {
      "errorCode": 9011,
      "message": "error message"
    }
    

    Was this article helpful?

    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.