Skip to main content
PATCH
/
identity-providers
/
config
Update IDP configuration
curl --request PATCH \
  --url https://app.usechar.ai/api/identity-providers/config \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "idp_type": "okta",
  "allowed_audiences": [
    "<string>"
  ],
  "idp_domain": "<string>",
  "idp_issuer": "<string>",
  "allowed_domains": [
    "<string>"
  ]
}
'
{
  "idp_type": "okta",
  "allowed_audiences": [
    "<string>"
  ],
  "idp_domain": "<string>",
  "idp_issuer": "<string>",
  "allowed_domains": [
    "<string>"
  ]
}

Authorizations

Authorization
string
header
required

WorkOS JWT token. Obtain via WorkOS AuthKit authentication flow. The token must include organization_id claim for organization-scoped endpoints.

Body

application/json

Fields to update in the IDP configuration

idp_type
enum<string> | null

Identity provider type: okta, azure, auth0, google, workos, firebase, onelogin, logto, or custom_oidc

Available options:
okta,
azure,
auth0,
google,
custom_oidc,
workos,
firebase,
onelogin,
logto
allowed_audiences
string[] | null
idp_domain
string | null
idp_issuer
string<uri> | null
allowed_domains
string<uri>[]

Response

OK

Identity provider configuration for SSO-first widget authentication

idp_type
enum<string> | null
required

Type of identity provider

Available options:
okta,
azure,
auth0,
google,
custom_oidc,
workos,
firebase,
onelogin,
logto
allowed_audiences
string[] | null
required

Allowed OIDC client IDs for audience validation (required for production)

idp_domain
string | null
required

Provider domain (e.g., acme.okta.com)

idp_issuer
string | null
required

Full issuer URL for custom OIDC providers

allowed_domains
string<uri>[]
required

Allowed domains for widget embedding (e.g., https://crm.acme.com)