Retrieve enterprise SSO identity of user by SSO connector ID

GET /api/users/{userId}/sso-identities/{ssoConnectorId}

Retrieves the user's enterprise SSO identity and associated token set record (if token storage is enabled for the SSO connector) by SSO connector ID.

Path parameters

  • userId string Required

    The unique identifier of the user.

  • ssoConnectorId string Required

    The unique identifier of the sso connector.

Responses

  • 200 application/json

    The enterprise SSO identity is retrieved.

    Hide response attributes Show response attributes object
    • enterpriseSsoIdentity object Required
      Hide enterpriseSsoIdentity attributes Show enterpriseSsoIdentity attributes object
      • tenantId string Required

        Maximum length is 21.

      • id string Required

        Minimum length is 1, maximum length is 21.

      • userId string Required

        Minimum length is 1, maximum length is 12.

      • issuer string Required

        Minimum length is 1, maximum length is 256.

      • identityId string Required

        Minimum length is 1, maximum length is 128.

      • detail object Required

        arbitrary

      • createdAt number Required
      • updatedAt number Required
      • ssoConnectorId string Required

        Minimum length is 1, maximum length is 128.

    • tokenSet object
      Hide tokenSet attributes Show tokenSet attributes object
      • tenantId string Required

        Maximum length is 21.

      • id string Required

        Minimum length is 1, maximum length is 21.

      • userId string Required

        Minimum length is 1, maximum length is 21.

      • type string("federated_token_set") Required
      • metadata object Required
        Hide metadata attributes Show metadata attributes object
        • scope string
        • expiresAt number
        • tokenType string
      • createdAt number Required
      • updatedAt number Required
      • ssoConnectorId string Required
      • issuer string Required
      • identityId string Required
  • 400

    Bad Request

  • 401

    Unauthorized

  • 403

    Forbidden

  • 404

    User enterprise SSO identity not found.

GET /api/users/{userId}/sso-identities/{ssoConnectorId}
curl \
 --request GET 'https://[tenant_id].logto.app/api/users/{userId}/sso-identities/{ssoConnectorId}' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200)
{
  "enterpriseSsoIdentity": {
    "tenantId": "string",
    "id": "string",
    "userId": "string",
    "issuer": "string",
    "identityId": "string",
    "detail": {},
    "createdAt": 42.0,
    "updatedAt": 42.0,
    "ssoConnectorId": "string"
  },
  "tokenSet": {
    "tenantId": "string",
    "id": "string",
    "userId": "string",
    "type": "string",
    "metadata": {
      "scope": "string",
      "expiresAt": 42.0,
      "tokenType": "string"
    },
    "createdAt": 42.0,
    "updatedAt": 42.0,
    "ssoConnectorId": "string",
    "issuer": "string",
    "identityId": "string"
  }
}