Request Syntax URI Request Parameters Request Body Response Syntax Response Elements Errors See Also

UpdateIdentityProvider

Updates the identity provider.

Request Syntax


PATCH /identityProviders/identityProviderArn+ HTTP/1.1
Content-type: application/json

{
   "clientToken": "string",
   "identityProviderDetails": { 
      "string" : "string" 
   },
   "identityProviderName": "string",
   "identityProviderType": "string"
}

URI Request Parameters

The request uses the following URI parameters.

identityProviderArn

The ARN of the identity provider.

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36}){2,}$

Required: Yes

Request Body

The request accepts the following data in JSON format.

clientToken

A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token return the result from the original successful request.

If you do not specify a client token, one is automatically generated by the AWS SDK.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 512.

Required: No

identityProviderDetails

The details of the identity provider. The following list describes the provider detail keys for each identity provider type.

For Google and Login with Amazon:
- client_id
- client_secret
- authorize_scopes
For Facebook:
- client_id
- client_secret
- authorize_scopes
- api_version
For Sign in with Apple:
- client_id
- team_id
- key_id
- private_key
- authorize_scopes
For OIDC providers:
- client_id
- client_secret
- attributes_request_method
- oidc_issuer
- authorize_scopes
- authorize_url if not available from discovery URL specified by oidc_issuer key
- token_url if not available from discovery URL specified by oidc_issuer key
- attributes_url if not available from discovery URL specified by oidc_issuer key
- jwks_uri if not available from discovery URL specified by oidc_issuer key
For SAML providers:
- MetadataFile OR MetadataURL
- IDPSignout (boolean) optional
- IDPInit (boolean) optional
- RequestSigningAlgorithm (string) optional - Only accepts rsa-sha256
- EncryptedResponses (boolean) optional

Type: String to string map

Key Length Constraints: Minimum length of 0. Maximum length of 131072.

Key Pattern: ^[\s\S]*$

Value Length Constraints: Minimum length of 0. Maximum length of 131072.

Value Pattern: ^[\s\S]*$

Required: No

identityProviderName

The name of the identity provider.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 32.

Pattern: ^[^_][\p{L}\p{M}\p{S}\p{N}\p{P}][^_]+$

Required: No

identityProviderType

The type of the identity provider.

Type: String

Required: No

Response Syntax


HTTP/1.1 200
Content-type: application/json

{
   "identityProvider": { 
      "identityProviderArn": "string",
      "identityProviderDetails": { 
         "string" : "string" 
      },
      "identityProviderName": "string",
      "identityProviderType": "string"
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

identityProvider

The identity provider.

Type: IdentityProvider object

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

Access is denied.

HTTP Status Code: 403

InternalServerException

There is an internal server error.

HTTP Status Code: 500

ResourceNotFoundException

The resource cannot be found.

HTTP Status Code: 404

ThrottlingException

There is a throttling error.

HTTP Status Code: 429

ValidationException

There is a validation error.

HTTP Status Code: 400