- Print
- PDF
Ncloud Single Sign-On overview
- Print
- PDF
Available in Classic and VPC
It provides an API that can manage Application, Tenant, External IDP, User, Group, Permission Set, and Assignment information.
This API is RESTful API and uses HTTP GET/POST/PUT/DELETE methods.
Operation
Ncloud Single Sign-On provides Application, Tenant, External IDP, User, Group, PermissionSet, and Assignment operations.
Application
The list of APIs related to applications is as follows:
API | Description |
---|---|
getApplications | View application list |
getApplication | View a single application |
postApplication | Create an application |
putApplication | Edit an application |
deleteApplication | Delete an application |
renewalClientSecret | (Oauth2) Recreates Client Secret |
Tenant
The list of APIs related to tenants is as follows:
API | Description |
---|---|
getTenant | View a tenant |
postTenant | Create a tenant |
putTenant | Edit a tenant |
deleteTenant | Delete a tenant |
External IDP
The list of APIs related to external IDP is as follows:
API | Description |
---|---|
postExternalIdP | Register an external IDP |
getExternalIdP | View an external IDP |
deleteExternalIdP | Delete an external IDP |
putExternalIdP | Edit an external IDP |
modifyAttributeMapper | Edit AttributeMapper |
getAttributeMapper | View AttributeMapper |
parseExternalIdpMetadata | Parse external IDP metadata |
getSpMetadata | View metadata of Ncloud Single Sign-On |
getSpUrldata | View URL data of Ncloud Single Sign-On |
putLoginSetting | Set external IDP login information |
postOrganization | Connect Organization |
User
The list of APIs related to users is as follows:
API | Description |
---|---|
postUser | Create a single user |
postUsers | Create users in batch |
putUser | Edit users |
deleteUser | Delete users |
deleteUsers | Delete user list |
getUser | View a single user |
getUsers | View user list |
getUserAccessRule | View User AccessRule |
putUserAccessRule | Edit User AccessRule |
getUserProfile | View user profile |
postUserToGroup | Add a user to a group |
getUserGroups | View the list of groups to which a user belongs |
getUserGroup | View a single group to which a user belongs |
deleteUserFromGroup | Delete a user from a group |
changeUserStatus | Change user status |
getUserSession | View a user session |
expireUserSession | User session expired |
getUserAssignments | View the list of assignments to which a user belongs |
deleteUserFromAssignment | Delete a user from an assignment |
Group
The list of APIs related to groups is as follows:
API | Description |
---|---|
postGroup | Create a group |
getGroups | View the group list |
getUser | View a single group |
putGroup | Edit a group |
deleteGroup | Delete a group |
deleteGroups | Delete the group list |
postGroupToUser | Add a group to a user |
getGroupUsers | View the list of users belonging to a group |
getGroupAssignment | View the list of assignments to which a group belongs |
deleteGroupFromUser | Delete a group from a user |
deleteGroupFromAssignment | Delete a group from an assignment |
PermissionSet
The list of APIs related to PermissionSet is as follows:
API | Description |
---|---|
postPermissionSet | Create a PermissionSet |
getPermissionSets | View the list of PermissionSets |
getPermissionSet | View a single PermissionSet |
putPermissionSet | Edit a PermissionSet |
deletePermissionSet | Delete a PermissionSet |
deletePermissionSets | Delete the list of PermissionSets |
getPolicies | View the policy list that can be assigned to PermissionSet |
existsPolicy | Check whether a PermissionSet has policies |
deletePolicyFromPermissionSet | Delete a policy in a PermissionSet |
validatePermissionSetName | Check the pattern of a PermissionSet name and whether it's duplicate |
Assignment
The list of APIs related to assignments is as follows:
API | Description |
---|---|
postAssignment | Create an assignment |
getAssignments | View the assignment list |
getAssignment | View a single assignment |
putAssignment | Edit an assignment |
changeAssignmentStatus | Change assignment status |
deleteAssignment | Delete an assignment |
getAssignmentTargets | View the list of assignment targets |
postAssignmentTargets | Add an assignment target to an assignment |
deleteAssignmentTargets | Delete an assignment target |
getAssignmentExistsPolicy | Check if an assignment has a target policy |
getAssignmentByTargetType | View the list of assignments matching TargetType |
getAccounts | View account list |
Common settings
API URL
The API URL is as follows:
https://sso.apigw.ntruss.com/api/v1
Method
The available methods are as follows:
GET, POST, PUT, DELETE
Header
Request headers
This section introduces commonly used request headers. Some request headers are common headers for Ncloud API. For more information, see Common Ncloud API headers. The following describes request headers.
Header | Description | Type |
---|---|---|
x-ncp-apigw-timestamp | - This is the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 (UTC) - If the time difference compared to the API Gateway server is more than 5 minutes, the request is considered invalid | Common Ncloud API headers |
x-ncp-iam-access-key | The API key issued from NAVER Cloud Platform or AccessKey issued from IAM | Common Ncloud API headers |
x-ncp-apigw-signature-v2 | - Signature that encrypts the Body of the example above with the SecretKey mapped to AccessKey - HmacSHA256 is used as the HMAC encryption algorithm | Common Ncloud API headers |
Common model
ProcessResult
Parameter name | Required | Type | Description |
---|---|---|---|
success | Y | Boolean | Process result |
id | N | String | Creation/editing result ID |
message | N | String | Result message of processing |
- model
ProcessResult {
Boolean success;
String id;
String message;
}
- json
{
"id": "",
"success": true
}
Errors
The common errors used in Ncloud Single Sign-On API are listed below. For more information on the common errors used throughout the services, see NAVER Cloud Platform API.
Parameter name | Required | Type | Description |
---|---|---|---|
errorCode | Y | int | Error code |
message | Y | String | Error message |
The following is an example of common errors syntax in Ncloud Single Sign-On API.
- model
ErrorResponse {
int errorCode;
String message;
}
- json
{
"errorCode": 9011,
"message": "error message"
}