# SSO ## Get all SSO connectors `client.iam.sso.list(SSOListParamsparams, RequestOptionsoptions?): SinglePage` **get** `/accounts/{account_id}/sso_connectors` Get all SSO connectors ### Parameters - `params: SSOListParams` - `account_id: string` Account identifier tag. ### Returns - `SSOListResponse` - `id?: string` SSO Connector identifier tag. - `created_on?: string` Timestamp for the creation of the SSO connector - `email_domain?: string` - `enabled?: boolean` - `updated_on?: string` Timestamp for the last update of the SSO connector - `use_fedramp_language?: boolean` Controls the display of FedRAMP language to the user during SSO login - `verification?: Verification` - `code?: string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status?: "awaiting" | "pending" | "failed" | "verified"` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const ssoListResponse of client.iam.sso.list({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(ssoListResponse.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get single SSO connector `client.iam.sso.get(stringssoConnectorId, SSOGetParamsparams, RequestOptionsoptions?): SSOGetResponse` **get** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Get single SSO connector ### Parameters - `ssoConnectorId: string` SSO Connector identifier tag. - `params: SSOGetParams` - `account_id: string` Account identifier tag. ### Returns - `SSOGetResponse` - `id?: string` SSO Connector identifier tag. - `created_on?: string` Timestamp for the creation of the SSO connector - `email_domain?: string` - `enabled?: boolean` - `updated_on?: string` Timestamp for the last update of the SSO connector - `use_fedramp_language?: boolean` Controls the display of FedRAMP language to the user during SSO login - `verification?: Verification` - `code?: string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status?: "awaiting" | "pending" | "failed" | "verified"` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const sso = await client.iam.sso.get('023e105f4ecef8ad9ca31a8372d0c353', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(sso.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Initialize new SSO connector `client.iam.sso.create(SSOCreateParamsparams, RequestOptionsoptions?): SSOCreateResponse` **post** `/accounts/{account_id}/sso_connectors` Initialize new SSO connector ### Parameters - `params: SSOCreateParams` - `account_id: string` Path param: Account identifier tag. - `email_domain: string` Body param: Email domain of the new SSO connector - `begin_verification?: boolean` Body param: Begin the verification process after creation - `use_fedramp_language?: boolean` Body param: Controls the display of FedRAMP language to the user during SSO login ### Returns - `SSOCreateResponse` - `id?: string` SSO Connector identifier tag. - `created_on?: string` Timestamp for the creation of the SSO connector - `email_domain?: string` - `enabled?: boolean` - `updated_on?: string` Timestamp for the last update of the SSO connector - `use_fedramp_language?: boolean` Controls the display of FedRAMP language to the user during SSO login - `verification?: Verification` - `code?: string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status?: "awaiting" | "pending" | "failed" | "verified"` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const sso = await client.iam.sso.create({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', email_domain: 'example.com', }); console.log(sso.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Update SSO connector state `client.iam.sso.update(stringssoConnectorId, SSOUpdateParamsparams, RequestOptionsoptions?): SSOUpdateResponse` **patch** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Update SSO connector state ### Parameters - `ssoConnectorId: string` SSO Connector identifier tag. - `params: SSOUpdateParams` - `account_id: string` Path param: Account identifier tag. - `enabled?: boolean` Body param: SSO Connector enabled state - `use_fedramp_language?: boolean` Body param: Controls the display of FedRAMP language to the user during SSO login ### Returns - `SSOUpdateResponse` - `id?: string` SSO Connector identifier tag. - `created_on?: string` Timestamp for the creation of the SSO connector - `email_domain?: string` - `enabled?: boolean` - `updated_on?: string` Timestamp for the last update of the SSO connector - `use_fedramp_language?: boolean` Controls the display of FedRAMP language to the user during SSO login - `verification?: Verification` - `code?: string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status?: "awaiting" | "pending" | "failed" | "verified"` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const sso = await client.iam.sso.update('023e105f4ecef8ad9ca31a8372d0c353', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(sso.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Delete SSO connector `client.iam.sso.delete(stringssoConnectorId, SSODeleteParamsparams, RequestOptionsoptions?): SSODeleteResponse | null` **delete** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Delete SSO connector ### Parameters - `ssoConnectorId: string` SSO Connector identifier tag. - `params: SSODeleteParams` - `account_id: string` Account identifier tag. ### Returns - `SSODeleteResponse` - `id: string` Identifier ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const sso = await client.iam.sso.delete('023e105f4ecef8ad9ca31a8372d0c353', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(sso.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Begin SSO connector verification `client.iam.sso.beginVerification(stringssoConnectorId, SSOBeginVerificationParamsparams, RequestOptionsoptions?): SSOBeginVerificationResponse` **post** `/accounts/{account_id}/sso_connectors/{sso_connector_id}/begin_verification` Begin SSO connector verification ### Parameters - `ssoConnectorId: string` SSO Connector identifier tag. - `params: SSOBeginVerificationParams` - `account_id: string` Account identifier tag. ### Returns - `SSOBeginVerificationResponse` - `errors: Array` - `code: number` - `message: string` - `documentation_url?: string` - `source?: Source` - `pointer?: string` - `messages: Array` - `code: number` - `message: string` - `documentation_url?: string` - `source?: Source` - `pointer?: string` - `success: true` Whether the API call was successful. - `true` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.iam.sso.beginVerification('023e105f4ecef8ad9ca31a8372d0c353', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(response.errors); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true } ``` ## Domain Types ### SSO List Response - `SSOListResponse` - `id?: string` SSO Connector identifier tag. - `created_on?: string` Timestamp for the creation of the SSO connector - `email_domain?: string` - `enabled?: boolean` - `updated_on?: string` Timestamp for the last update of the SSO connector - `use_fedramp_language?: boolean` Controls the display of FedRAMP language to the user during SSO login - `verification?: Verification` - `code?: string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status?: "awaiting" | "pending" | "failed" | "verified"` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### SSO Get Response - `SSOGetResponse` - `id?: string` SSO Connector identifier tag. - `created_on?: string` Timestamp for the creation of the SSO connector - `email_domain?: string` - `enabled?: boolean` - `updated_on?: string` Timestamp for the last update of the SSO connector - `use_fedramp_language?: boolean` Controls the display of FedRAMP language to the user during SSO login - `verification?: Verification` - `code?: string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status?: "awaiting" | "pending" | "failed" | "verified"` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### SSO Create Response - `SSOCreateResponse` - `id?: string` SSO Connector identifier tag. - `created_on?: string` Timestamp for the creation of the SSO connector - `email_domain?: string` - `enabled?: boolean` - `updated_on?: string` Timestamp for the last update of the SSO connector - `use_fedramp_language?: boolean` Controls the display of FedRAMP language to the user during SSO login - `verification?: Verification` - `code?: string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status?: "awaiting" | "pending" | "failed" | "verified"` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### SSO Update Response - `SSOUpdateResponse` - `id?: string` SSO Connector identifier tag. - `created_on?: string` Timestamp for the creation of the SSO connector - `email_domain?: string` - `enabled?: boolean` - `updated_on?: string` Timestamp for the last update of the SSO connector - `use_fedramp_language?: boolean` Controls the display of FedRAMP language to the user during SSO login - `verification?: Verification` - `code?: string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status?: "awaiting" | "pending" | "failed" | "verified"` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### SSO Delete Response - `SSODeleteResponse` - `id: string` Identifier ### SSO Begin Verification Response - `SSOBeginVerificationResponse` - `errors: Array` - `code: number` - `message: string` - `documentation_url?: string` - `source?: Source` - `pointer?: string` - `messages: Array` - `code: number` - `message: string` - `documentation_url?: string` - `source?: Source` - `pointer?: string` - `success: true` Whether the API call was successful. - `true`