# SSO ## Get all SSO connectors `iam.sso.list(SSOListParams**kwargs) -> SyncSinglePage[SSOListResponse]` **get** `/accounts/{account_id}/sso_connectors` Get all SSO connectors ### Parameters - `account_id: str` Account identifier tag. ### Returns - `class SSOListResponse: …` - `id: Optional[str]` SSO Connector identifier tag. - `created_on: Optional[datetime]` Timestamp for the creation of the SSO connector - `email_domain: Optional[str]` - `enabled: Optional[bool]` - `updated_on: Optional[datetime]` Timestamp for the last update of the SSO connector - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login - `verification: Optional[Verification]` - `code: Optional[str]` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status: Optional[Literal["awaiting", "pending", "failed", "verified"]]` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.iam.sso.list( account_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get single SSO connector `iam.sso.get(strsso_connector_id, SSOGetParams**kwargs) -> SSOGetResponse` **get** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Get single SSO connector ### Parameters - `account_id: str` Account identifier tag. - `sso_connector_id: str` SSO Connector identifier tag. ### Returns - `class SSOGetResponse: …` - `id: Optional[str]` SSO Connector identifier tag. - `created_on: Optional[datetime]` Timestamp for the creation of the SSO connector - `email_domain: Optional[str]` - `enabled: Optional[bool]` - `updated_on: Optional[datetime]` Timestamp for the last update of the SSO connector - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login - `verification: Optional[Verification]` - `code: Optional[str]` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status: Optional[Literal["awaiting", "pending", "failed", "verified"]]` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) sso = client.iam.sso.get( sso_connector_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(sso.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Initialize new SSO connector `iam.sso.create(SSOCreateParams**kwargs) -> SSOCreateResponse` **post** `/accounts/{account_id}/sso_connectors` Initialize new SSO connector ### Parameters - `account_id: str` Account identifier tag. - `email_domain: str` Email domain of the new SSO connector - `begin_verification: Optional[bool]` Begin the verification process after creation - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login ### Returns - `class SSOCreateResponse: …` - `id: Optional[str]` SSO Connector identifier tag. - `created_on: Optional[datetime]` Timestamp for the creation of the SSO connector - `email_domain: Optional[str]` - `enabled: Optional[bool]` - `updated_on: Optional[datetime]` Timestamp for the last update of the SSO connector - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login - `verification: Optional[Verification]` - `code: Optional[str]` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status: Optional[Literal["awaiting", "pending", "failed", "verified"]]` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) sso = client.iam.sso.create( account_id="023e105f4ecef8ad9ca31a8372d0c353", email_domain="example.com", ) print(sso.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Update SSO connector state `iam.sso.update(strsso_connector_id, SSOUpdateParams**kwargs) -> SSOUpdateResponse` **patch** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Update SSO connector state ### Parameters - `account_id: str` Account identifier tag. - `sso_connector_id: str` SSO Connector identifier tag. - `enabled: Optional[bool]` SSO Connector enabled state - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login ### Returns - `class SSOUpdateResponse: …` - `id: Optional[str]` SSO Connector identifier tag. - `created_on: Optional[datetime]` Timestamp for the creation of the SSO connector - `email_domain: Optional[str]` - `enabled: Optional[bool]` - `updated_on: Optional[datetime]` Timestamp for the last update of the SSO connector - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login - `verification: Optional[Verification]` - `code: Optional[str]` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status: Optional[Literal["awaiting", "pending", "failed", "verified"]]` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) sso = client.iam.sso.update( sso_connector_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(sso.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Delete SSO connector `iam.sso.delete(strsso_connector_id, SSODeleteParams**kwargs) -> SSODeleteResponse` **delete** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Delete SSO connector ### Parameters - `account_id: str` Account identifier tag. - `sso_connector_id: str` SSO Connector identifier tag. ### Returns - `class SSODeleteResponse: …` - `id: str` Identifier ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) sso = client.iam.sso.delete( sso_connector_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(sso.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Begin SSO connector verification `iam.sso.begin_verification(strsso_connector_id, SSOBeginVerificationParams**kwargs) -> SSOBeginVerificationResponse` **post** `/accounts/{account_id}/sso_connectors/{sso_connector_id}/begin_verification` Begin SSO connector verification ### Parameters - `account_id: str` Account identifier tag. - `sso_connector_id: str` SSO Connector identifier tag. ### Returns - `class SSOBeginVerificationResponse: …` - `errors: List[Error]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[ErrorSource]` - `pointer: Optional[str]` - `messages: List[Message]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageSource]` - `pointer: Optional[str]` - `success: Literal[true]` Whether the API call was successful. - `true` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.iam.sso.begin_verification( sso_connector_id="023e105f4ecef8ad9ca31a8372d0c353", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(response.errors) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true } ``` ## Domain Types ### SSO List Response - `class SSOListResponse: …` - `id: Optional[str]` SSO Connector identifier tag. - `created_on: Optional[datetime]` Timestamp for the creation of the SSO connector - `email_domain: Optional[str]` - `enabled: Optional[bool]` - `updated_on: Optional[datetime]` Timestamp for the last update of the SSO connector - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login - `verification: Optional[Verification]` - `code: Optional[str]` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status: Optional[Literal["awaiting", "pending", "failed", "verified"]]` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### SSO Get Response - `class SSOGetResponse: …` - `id: Optional[str]` SSO Connector identifier tag. - `created_on: Optional[datetime]` Timestamp for the creation of the SSO connector - `email_domain: Optional[str]` - `enabled: Optional[bool]` - `updated_on: Optional[datetime]` Timestamp for the last update of the SSO connector - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login - `verification: Optional[Verification]` - `code: Optional[str]` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status: Optional[Literal["awaiting", "pending", "failed", "verified"]]` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### SSO Create Response - `class SSOCreateResponse: …` - `id: Optional[str]` SSO Connector identifier tag. - `created_on: Optional[datetime]` Timestamp for the creation of the SSO connector - `email_domain: Optional[str]` - `enabled: Optional[bool]` - `updated_on: Optional[datetime]` Timestamp for the last update of the SSO connector - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login - `verification: Optional[Verification]` - `code: Optional[str]` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status: Optional[Literal["awaiting", "pending", "failed", "verified"]]` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### SSO Update Response - `class SSOUpdateResponse: …` - `id: Optional[str]` SSO Connector identifier tag. - `created_on: Optional[datetime]` Timestamp for the creation of the SSO connector - `email_domain: Optional[str]` - `enabled: Optional[bool]` - `updated_on: Optional[datetime]` Timestamp for the last update of the SSO connector - `use_fedramp_language: Optional[bool]` Controls the display of FedRAMP language to the user during SSO login - `verification: Optional[Verification]` - `code: Optional[str]` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `status: Optional[Literal["awaiting", "pending", "failed", "verified"]]` The status of the verification code from the verification process. - `"awaiting"` - `"pending"` - `"failed"` - `"verified"` ### SSO Delete Response - `class SSODeleteResponse: …` - `id: str` Identifier ### SSO Begin Verification Response - `class SSOBeginVerificationResponse: …` - `errors: List[Error]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[ErrorSource]` - `pointer: Optional[str]` - `messages: List[Message]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageSource]` - `pointer: Optional[str]` - `success: Literal[true]` Whether the API call was successful. - `true`