MENU
      Ncloud Single Sign-On overview

        Ncloud Single Sign-On overview


        Article summary

        Available in Classic and VPC

        An API that can manage the Application/Tenant/External IDP/User/Group/Permission Set/Assignment information is provided.
        The API is in the RESTful API format, and uses HTTP GET/POST/PUT/DELETE methods.

        Operations

        Ncloud Single Sign-On provides Application, Tenant, External IDP, User, Group, PermissionSet, and Assignment operations.

        Application

        The list of APIs related to applications is as follows.

        APIDescription
        getApplicationsView the application list
        getApplicationView a single application
        postApplicationCreate application
        putApplicationEdit application
        deleteApplicationDelete application
        renewalClientSecret(Oauth2) Recreate client secret

        Tenant

        The list of APIs related to tenants is as follows.

        APIDescription
        getTenantView tenant
        postTenantCreate tenant
        putTenantEdit tenant
        deleteTenantDelete tenant

        External IDP

        The list of APIs related to external IDPs is as follows.

        APIDescription
        postExternalIdPRegister external IDP
        getExternalIdPView external IDP
        deleteExternalIdPDelete external IDP
        putExternalIdPEdit external IDP
        modifyAttributeMapperEdit AttributeMapper
        getAttributeMapperView AttributeMapper
        parseExternalIdpMetadataParse external IDP metadata
        getSpMetadataView Ncloud Single Sign-On metadata
        getSpUrldataView Ncloud Single Sign-On URL data
        putLoginSettingSet external IDP login information
        postOrganizationIntegrate organization

        User

        The list of APIs related to users is as follows.

        APIDescription
        validateUserLoginIdCheck user login ID validity
        postUserCreate a single user
        postUsersBulk create users
        putUserEdit user
        deleteUserDelete user
        deleteUsersDelete user list
        getUserView a single user
        getUsersView user list
        getUserAccessRuleView user AccessRule
        putUserAccessRuleEdit user AccessRule
        getUserProfileView user profile
        postUserToGroupAdd user to group
        getUserGroupsView the list of groups a user belongs to
        getUserGroupView a single group a user belongs to
        deleteUserFromGroupDelete user from group
        changeUserStatusChange user status
        getUserSessionView user session
        expireUserSessionExpire user session
        getUserAssignmentsView the list of assignments a user belongs to
        deleteUserFromAssignmentDelete user from assignment
        addUserMfaDevicesAdd MFA device to user
        getUserMfaDevicesView MFA device a user owns
        deleteUserMfaDevicesDelete MFA device a user owns

        Group

        The list of APIs related to groups is as follows.

        APIDescription
        validateGroupNameCheck group name validity
        postGroupCreate group
        getGroupsView group list
        getUserView a single group
        putGroupEdit group
        deleteGroupDelete group
        deleteGroupsDelete group list
        postGroupToUserAdd group to user
        getGroupUsersView the list of users in a group
        getGroupAssignmentView the list of assignments the group belongs to
        deleteGroupFromUserDelete group from user
        deleteGroupFromAssignmentDelete group from assignment

        PermissionSet

        The list of APIs related to permission sets is as follows.

        APIDescription
        postPermissionSetCreate PermissionSet
        getPermissionSetsView PermissionSet list
        getPermissionSetView a single PermissionSet
        putPermissionSetEdit PermissionSet
        deletePermissionSetDelete PermissionSet
        deletePermissionSetsDelete PermissionSet list
        getPoliciesView the list of policies that can be assigned to PermissionSet
        existsPolicyCheck for the existence of a policy in PermissionSet
        deletePolicyFromPermissionSetDelete policy in PermissionSet
        validatePermissionSetNameCheck PermissionSet name patterns, duplicates

        Assignment

        The list of APIs related to assignments is as follows.

        APIDescription
        postAssignmentCreate assignment
        getAssignmentsView assignment list
        getAssignmentView a single assignment
        putAssignmentEdit assignment
        changeAssignmentStatusChange assignment status
        deleteAssignmentDelete assignment
        getAssignmentTargetsView assignment target list
        postAssignmentTargetsAdd assignment target to assignment
        deleteAssignmentTargetsDelete assignment target
        getAssignmentExistsPolicyCheck if the target policy in the assignment exists
        getAssignmentByTargetTypeView the list of assignments that match TargetType
        getAccountsView account list
        addAssignmentIpAclsAdd IP ACL to assignment
        getAssignmentsIpAclsView the list of IP ACLs that belong to an assignment
        deleteAssignmentIpAclsDelete IP ACL that belongs to an assignment

        IP ACL

        The list of APIs related to IP ACLs is as follows.

        APIDescription
        validateIpAclNameCheck IP ACL name validity
        postIPACLCreate IP ACL
        putIPACLEdit IP ACL
        deleteIPACLsDelete IP ACL list
        deleteIPACLDelete a single IP ACL
        getIPACLsView IP ACL list
        getIPACLView a single IP ACL
        addIpAclToAssignmentsAdd IP ACL to assignment
        getIpAclAssignmentsView assignments with IP ACL
        deleteIpAclAssignmentsDelete assignment assigned to IP ACL

        Common settings

        API URL

        The API URL is as follows.

        https://sso.apigw.ntruss.com/api/v1
        HTTP

        Method

        Available methods are as follows.

        GET, POST, PUT, DELETE
        HTTP

        Headers

        Request headers

        This section introduces commonly used request headers. Since some request headers are common headers of Ncloud APIs, see Common Ncloud API headers for more information. The following describes the request headers.

        HeaderDescriptionType
        x-ncp-apigw-timestamp- It indicates the elapsed time in milliseconds since January 1, 1970 00:00:00 UTC
        - Request is considered invalid if the timestamp differs from the current time by more than 5 minutes
        Common Ncloud API headers
        x-ncp-iam-access-keyAPI key issued on NAVER Cloud Platform or access key issued on IAMCommon Ncloud API headers
        x-ncp-apigw-signature-v2- Signature signed by the secret key that matches the access key in the sample body above
        - HmacSHA256 is used for the HMAC encryption algorithm
        Common Ncloud API headers

        Common model

        ProcessResult

        Parameter nameRequiredTypeDescription
        successYBooleanProcessing result
        idNStringCreation/modification result ID
        messageNStringProcessing result message
        • Model
        ProcessResult {
          Boolean success;
          String id;
          String message;
        }
        Java
        • JSON
        {
          "id": "",
          "success": true
        }
        JSON

        Errors

        This section introduces common error codes used by Ncloud Single Sign-On APIs. For more information about common error codes used across all services, see NAVER Cloud Platform API.

        Parameter nameRequiredTypeDescription
        errorCodeYintError code
        messageYStringError message

        The following is an example of a common error code syntax of the Ncloud Single Sign-On API.

        • Model
        ErrorResponse {
          int errorCode;
          String message;
        }
        Java
        • JSON
        {
          "errorCode": 9011,
          "message": "Error message"
        }
        JSON

        Was this article helpful?

        Changing your password will log you out immediately. Use the new password to log back in.
        First name must have atleast 2 characters. Numbers and special characters are not allowed.
        Last name must have atleast 1 characters. Numbers and special characters are not allowed.
        Enter a valid email
        Enter a valid password
        Your profile has been successfully updated.