openid_authorize#
Autogenerated API
- argus_api.lib.authentication.v1.openid.openid_authorize.add_open_id_provider(shortName: str = None, name: str = None, clientID: str = None, customer: str = None, domain: str = None, jwks: str = None, jwksURI: str = None, configurationURI: str = None, issuer: str = None, certificate: str = None, providerURI: str = None, tokenURI: str = None, secret: str = None, claimsMapping: dict = None, responseType: str = None, authorizationPrompt: str = None, scope: str = None, emailDomains: str = None, newUserMapping: bool = None, updateGroupMapping: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
DEPRECATED :
add_open_id_provider
is an alias foradd_openid_provider
. Exists only for backward compatibility - do not use - useadd_openid_provider
instead.
- argus_api.lib.authentication.v1.openid.openid_authorize.add_openid_group_mapping(idOrShortname: str, argusGroup: str = None, externalGroupName: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Add a group mapping to a OpenID provider (INTERNAL)
- Parameters
idOrShortname (str) – ID or shortname of provider to update
argusGroup (str) – The name or ID of the argus group to map to
externalGroupName (str) – The name of the group to map from (as it appears in the ID-token group claim)
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
InvalidArgumentsException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.add_openid_provider(shortName: str = None, name: str = None, clientID: str = None, customer: str = None, domain: str = None, jwks: str = None, jwksURI: str = None, configurationURI: str = None, issuer: str = None, certificate: str = None, providerURI: str = None, tokenURI: str = None, secret: str = None, claimsMapping: dict = None, responseType: str = None, authorizationPrompt: str = None, scope: str = None, emailDomains: str = None, newUserMapping: bool = None, updateGroupMapping: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Define new OpenID provider (INTERNAL)
- Parameters
shortName (str) – Set a shortname for this provider => [a-zA-Z0-9_:\-.]*
name (str) – The name of this provider => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
clientID (str) – The OAuth ClientID of this provider
customer (str) – The id or shortname of the customer this provider is bound to. If customer is a customer group, subcustomer users are also eligible for this provider. If not set, this provider will be domain global.
domain (str) – The id or shortname of the domain this provider is bound to, if this is a domain-global provider. If not set, customer must be set.
jwks (str) – Base64-encoding of a valid JWKS file which can be used to verify OpenID tokens. Exactly one of certificate, jwks and jwksURI must be used.
jwksURI (str) – The URI to the OpenID JWKS document. Exactly one of certificate, jwks and jwksURI can be used. Setting jwksURI will enable automatic refresh of jwks. => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
configurationURI (str) – The URI to the OpenID autodiscovery document => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
issuer (str) – Define a specific issuer to require on id-tokens. If not set, the issuer is expected to be a prefix of the providerURI.
certificate (str) – A valid X509 certificate which can be used to verify OpenID tokens. Exactly one of certificate, jwks and jwksURI can be used.
providerURI (str) – The URI to redirect to to initiate OpenID authentication flow => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
tokenURI (str) – The URI for the token endpoint. Required for responseType=code. => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
secret (str) – Define secret to use for the token endpoint. Required for responseType=code
claimsMapping (dict) –
responseType (str) – Define response type to request from provider (default idToken)
authorizationPrompt (str) – Define prompt type to request on authorization (default login)
scope (list) – Define extra scopes to request (in addition to openid) => Sanitize by regex [x21x5D-x7Ex23-x5B]+
emailDomains (list) – Define email domains for automatic enrollment of users
newUserMapping (bool) – Option to enable automatic mapping of new users. To map new users, the claims mapping for name and email must be set.
updateGroupMapping (bool) – Option to enable updates of automatic group mappings. This requires the claims mapping for groups to be set.
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
InvalidArgumentException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.delete_open_id_provider(idOrShortname: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
DEPRECATED :
delete_open_id_provider
is an alias fordelete_openid_provider
. Exists only for backward compatibility - do not use - usedelete_openid_provider
instead.
- argus_api.lib.authentication.v1.openid.openid_authorize.delete_openid_group_mapping(idOrShortname: str, mappingID: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Delete a group mapping from an OpenID provider (INTERNAL)
- Parameters
idOrShortname (str) – ID or shortname of provider to update
mappingID (str) – The ID of the mapping to delete
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.delete_openid_provider(idOrShortname: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Delete OpenID provider (INTERNAL)
- Parameters
idOrShortname (str) – ID or shortname of provider to delete
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.get_open_id_provider(idOrShortname: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
DEPRECATED :
get_open_id_provider
is an alias forget_openid_provider
. Exists only for backward compatibility - do not use - useget_openid_provider
instead.
- argus_api.lib.authentication.v1.openid.openid_authorize.get_openid_provider(idOrShortname: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Fetch OpenID provider (INTERNAL)
- Parameters
idOrShortname (str) – ID or shortname of provider to fetch
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.get_openid_user_link(email: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Fetch OpenID provider (INTERNAL)
- Parameters
email (str) – Request a userlink sent to this email address
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
IfTheRequestIsInvalidException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.list_open_id_providers(targetCustomer: str = None, customer: str = None, keywords: str = None, sortBy: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
DEPRECATED :
list_open_id_providers
is an alias forlist_openid_providers
. Exists only for backward compatibility - do not use - uselist_openid_providers
instead.
- argus_api.lib.authentication.v1.openid.openid_authorize.list_openid_group_mappings(idOrShortname: str, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
List group mappings for a OpenID provider (INTERNAL)
- Parameters
idOrShortname (str) – ID or shortname of provider to list mappings for
limit (int) – Limit number of results
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.list_openid_providers(targetCustomer: str = None, customer: str = None, keywords: str = None, sortBy: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
List OpenID providers (INTERNAL)
- Parameters
targetCustomer (str) – Limit results to providers which apply to users bound to this customer
customer (list) – Limit results to providers for this customer (or subcustomers)
keywords (list) – Limit results to providers matching these keywords
sortBy (list) – Specify sort order
limit (int) – Limit number of results
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
InvalidArgumentsException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.open_id_authentication(provider: str, idToken: str = None, authorizationCode: str = None, flow: str = None, requestedAuthorizations: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
DEPRECATED :
open_id_authentication
is an alias foropenid_authentication
. Exists only for backward compatibility - do not use - useopenid_authentication
instead.
- argus_api.lib.authentication.v1.openid.openid_authorize.open_id_pre_authentication(provider: str, state: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
DEPRECATED :
open_id_pre_authentication
is an alias foropenid_pre_authentication
. Exists only for backward compatibility - do not use - useopenid_pre_authentication
instead.
- argus_api.lib.authentication.v1.openid.openid_authorize.openid_authentication(provider: str, idToken: str = None, authorizationCode: str = None, flow: str = None, requestedAuthorizations: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Submit OpenID token for validation to create a new user session (PUBLIC)
- Parameters
provider (str) – ID or shortname of OpenID provider
idToken (str) – ID token from provider. Required for flow idToken.
authorizationCode (str) – Authorization code provider. Required for flow authorizationCode.
flow (str) – The flow to use. If set to authorizationCode, follow the authorization code flow, and the authorizationCode field must be set. If set to idToken, follow the implicit flow, and the idToken must be set (default). (default idToken)
requestedAuthorizations (list) – Allow client to request authorizations as part of the authentication transaction. The client is not guaranteed to get the requested authorizations. The setPassword authorization is only returned if the current user has the FORCE_PW_CHANGE flag set.
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.openid_pre_authentication(provider: str, state: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Request redirect URI to OpenID provider (PUBLIC)
- Parameters
provider (str) – ID or shortname of OpenID provider
state (str) – State to retain
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
InvalidArgumentException – on 412
TooManyPendingRequestsException – on 429
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.request_openid_authorization_redirect(operation: str = None, context: dict = None, nextURI: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Register a user authorization request, and request a redirect to the OpenID Identity Provider to validate user presence. (INTERNAL)
- Parameters
operation (str) – The name of the operation to authorize
context (dict) – Context variables to scope this authorization. All context variables required by the executing service must be present and equal to those provided here.
nextURI (str) – The URI to redirect/route to after successful authorization. The URI will be validated according to policy. The authorization token returned from successful authorization should be appended as a query parameter to this URI.
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
NotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.search_open_id_providers(targetCustomer: str = None, customer: str = None, keywords: str = None, sortBy: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
DEPRECATED :
search_open_id_providers
is an alias forsearch_openid_providers
. Exists only for backward compatibility - do not use - usesearch_openid_providers
instead.
- argus_api.lib.authentication.v1.openid.openid_authorize.search_openid_providers(targetCustomer: str = None, customer: str = None, keywords: str = None, sortBy: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Search OpenID providers (INTERNAL)
- Parameters
targetCustomer (str) – Limit result to providers which are usable for users bound to this customer (by customer ID or shortname)
customer (list) – Limit result by customer ID or shortname
keywords (list) – Match providers by keywords
sortBy (list) – Specify sort order (default shortName)
limit (int) – Limit the number of results (default 25)
offset (int) – Skip the first results, in sort order (default 0)
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
InvalidArgumentsException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.submit_openid_authorization(stateID: str = None, idToken: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Receive the ID token redirect response for a pending User Authorization (INTERNAL)
- Parameters
stateID (str) – The OpenID state identifier
idToken (str) – The ID token returned by the OpenID Provider
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
NotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.authentication.v1.openid.openid_authorize.update_open_id_provider(idOrShortname: str, shortName: str = None, name: str = None, clientID: str = None, issuer: str = None, jwks: str = None, jwksURI: str = None, configurationURI: str = None, certificate: str = None, providerURI: str = None, tokenURI: str = None, secret: str = None, responseType: str = None, authorizationPrompt: str = None, claimsMapping: dict = None, scope: str = None, emailDomains: str = None, newUserMapping: bool = None, updateGroupMapping: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
DEPRECATED :
update_open_id_provider
is an alias forupdate_openid_provider
. Exists only for backward compatibility - do not use - useupdate_openid_provider
instead.
- argus_api.lib.authentication.v1.openid.openid_authorize.update_openid_provider(idOrShortname: str, shortName: str = None, name: str = None, clientID: str = None, issuer: str = None, jwks: str = None, jwksURI: str = None, configurationURI: str = None, certificate: str = None, providerURI: str = None, tokenURI: str = None, secret: str = None, responseType: str = None, authorizationPrompt: str = None, claimsMapping: dict = None, scope: str = None, emailDomains: str = None, newUserMapping: bool = None, updateGroupMapping: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict#
Update OpenID provider (INTERNAL)
- Parameters
idOrShortname (str) – ID or shortname of provider to update
shortName (str) – If set, update the shortname for this provider => [a-zA-Z0-9_:\-.]*
name (str) – If set, update the name for this provider => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
clientID (str) – If set, update the OAuth ClientID for this provider
issuer (str) – If set, update the OpenID Issuer to require for this provider. Use blank string “” to reset to default.
jwks (str) – If set, update the JWKS for this provider. Must be Base64-encoding of a valid JWKS file. Exactly one of certificate, jwks and jwksURI can be used. Setting jwks will clear certificate and disable automatic refresh of jwks.
jwksURI (str) – If set, update the URI to the OpenID JWKS document. Exactly one of certificate, jwks and jwksURI can be used. Setting jwksURI will clear certificate and enable automatic refresh of jwks. => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
configurationURI (str) – If set, update the URI to the OpenID autodiscovery document => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
certificate (str) – If set, update the X509 certificate for this provider. This will remove any stored jwks.
providerURI (str) – If set, update the authorization URI for this provider => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
tokenURI (str) – If set, update the token URI for this provider => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
secret (str) – If set, update the secret for use with the token URI for this provider
responseType (str) – If set, update the response type to request from provider
authorizationPrompt (str) – If set, update the prompt to request from provider on authorization requests
claimsMapping (dict) –
scope (list) – If set, change the scopes to request from this provider => Sanitize by regex [x21x5D-x7Ex23-x5B]+
emailDomains (list) – If set, change the email domains for automatic enrollment of users
newUserMapping (bool) – If set, enable/disable option to enable automatic user mapping. To map new users, the claims mapping for name and email must be set.
updateGroupMapping (bool) – If set, enable/disable option to enable updates of automatic group mappings. This requires the claims mapping for groups to be set.
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
InvalidArgumentsException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON