Skip to main content
PATCH
/
admin
/
api
/
v1
/
sso
Patch Sso
curl --request PATCH \
  --url https://api.example.com/admin/api/v1/sso \
  --header 'Content-Type: application/json' \
  --data '
{
  "sso": {
    "issuer": "<string>",
    "clientId": "<string>",
    "enabled": true,
    "audience": "<string>",
    "allowedDomains": [
      "<string>"
    ],
    "allowedEmails": [
      "<string>"
    ]
  }
}
'
{
  "data": {
    "sso": {
      "issuer": "<string>",
      "clientId": "<string>",
      "enabled": true,
      "audience": "<string>",
      "allowedDomains": [
        "<string>"
      ],
      "allowedEmails": [
        "<string>"
      ]
    },
    "updatedAt": "2023-11-07T05:31:56Z"
  },
  "reload": {
    "message": "<string>",
    "error": "<string>"
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.idun-group.com/llms.txt

Use this file to discover all available pages before exploring further.

Body

application/json

Body for PATCH /admin/api/v1/sso. All fields optional.

sso
SSOConfig · object

OIDC Single Sign-On configuration.

When enabled, the engine validates JWT tokens on protected routes (/agent/invoke, /agent/stream, /agent/copilotkit/stream) against the configured OIDC provider's JWKS endpoint, discovered via {issuer}/.well-known/openid-configuration.

Response

Successful Response

data
StandaloneSsoRead · object
required

GET response and the data payload of PATCH responses.

reload
StandaloneReloadResult · object
required

Reload outcome attached to every admin mutation response.

reloaded means DB committed and runtime now uses the new config. restart_required means DB committed and process restart is needed. reload_failed means DB rolled back and runtime is unchanged.

Last modified on May 26, 2026