Skip to content
API Reference
API Reference
Organizations
SSO Connection

Retrieve

organizations.sso_connection.retrieve(strorganization_id, SSOConnectionRetrieveParams**kwargs) -> SSOConnection
GET/organizations/{organization_id}/sso-connection

Get SSO connection configuration for organization

ParametersExpand Collapse
organization_id: str

Organization ID or label identifier

minLength1
maxLength255
expand: Optional[List[Literal["permissions"]]]

Fields to expand in the response. Currently supports "permissions" to include the permissions field with the caller's permissions for the resource.

x_client_request_id: Optional[str]
formatuuid
ReturnsExpand Collapse
class SSOConnection:

SSO connection configuration for an organization

id: str

Unique identifier for the SSO connection

client_id: Optional[str]

OAuth 2.0 client ID

client_secret_set: bool

Whether a client secret is configured

created_at: datetime

The time the entity was created in utc

formatdate-time
identifier: str

SSO provider identifier (e.g., issuer URL)

minLength1
maxLength2048
updated_at: datetime

The time the entity was mostly recently updated in utc

formatdate-time
permissions: Optional[Dict[str, Dict[str, bool]]]

Permissions granted to the authenticated principal for this resource. Only populated when the 'expand[]=permissions' query parameter is provided. Keys are resource types (e.g., "organizations"), values are objects mapping permission names to boolean values indicating if the permission is granted.

protocols: Optional[SSOConnectionProtocol]

Protocol configuration for SSO connection

oauth2: Optional[Oauth2]

OAuth 2.0 protocol configuration for SSO connection

authorization_endpoint: Optional[str]

OAuth 2.0 authorization endpoint

formaturi
code_challenge_methods_supported: Optional[List[str]]

Supported PKCE code challenge methods

jwks_uri: Optional[str]

JSON Web Key Set endpoint

formaturi
registration_endpoint: Optional[str]

OAuth 2.0 registration endpoint

formaturi
scopes_supported: Optional[List[str]]

Supported OAuth 2.0 scopes

token_endpoint: Optional[str]

OAuth 2.0 token endpoint

formaturi
openid: Optional[Openid]

OpenID Connect protocol configuration for SSO connection

userinfo_endpoint: Optional[str]

OpenID Connect UserInfo endpoint

formaturi

Retrieve

from keycardai_api import KeycardAPI

client = KeycardAPI()
sso_connection = client.organizations.sso_connection.retrieve(
    organization_id="x",
)
print(sso_connection.id)
{
  "id": "id",
  "client_id": "client_id",
  "client_secret_set": true,
  "created_at": "2019-12-27T18:11:19.117Z",
  "identifier": "x",
  "updated_at": "2019-12-27T18:11:19.117Z",
  "permissions": {
    "organizations": {
      "read": true,
      "update": true
    },
    "users": {
      "read": true,
      "list": true
    }
  },
  "protocols": {
    "oauth2": {
      "authorization_endpoint": "https://example.com",
      "code_challenge_methods_supported": [
        "string"
      ],
      "jwks_uri": "https://example.com",
      "registration_endpoint": "https://example.com",
      "scopes_supported": [
        "string"
      ],
      "token_endpoint": "https://example.com"
    },
    "openid": {
      "userinfo_endpoint": "https://example.com"
    }
  }
}
Returns Examples
{
  "id": "id",
  "client_id": "client_id",
  "client_secret_set": true,
  "created_at": "2019-12-27T18:11:19.117Z",
  "identifier": "x",
  "updated_at": "2019-12-27T18:11:19.117Z",
  "permissions": {
    "organizations": {
      "read": true,
      "update": true
    },
    "users": {
      "read": true,
      "list": true
    }
  },
  "protocols": {
    "oauth2": {
      "authorization_endpoint": "https://example.com",
      "code_challenge_methods_supported": [
        "string"
      ],
      "jwks_uri": "https://example.com",
      "registration_endpoint": "https://example.com",
      "scopes_supported": [
        "string"
      ],
      "token_endpoint": "https://example.com"
    },
    "openid": {
      "userinfo_endpoint": "https://example.com"
    }
  }
}