# Set IdP initiated auth config **PUT /api/sso-connectors/{id}/idp-initiated-auth-config** Set IdP initiated authentication config for a given SAML SSO connector. Any existing IdP initiated auth config will be overwritten. ## Servers - Logto endpoint address.: https://[tenant_id].logto.app (Logto endpoint address.) ## Authentication methods - O auth2 ## Parameters #### Path parameters - **id** (string) The unique identifier of the sso connector. ## Body parameters Content-type: application/json - **defaultApplicationId** () The unique identifier for the application that users will sign in to using IdP initiated authentication. The application type must be `Traditional` or `SPA`. `autoSendAuthorizationRequest` is not supported for `SPA` applications. - **autoSendAuthorizationRequest** () Whether to automatically send an authorization request to the application's OIDC authorization endpoint when a IdP initiated authentication request is received. If not provided, Logto will use the default value `false`. - **clientIdpInitiatedAuthCallbackUri** () The callback URI for the IdP initiated authentication request. Only available when `autoSendAuthorizationRequest` is `false`. Logto will redirect the user to this URI after the IdP initiated authentication request is received. You should manually trigger the authorization request to the application's OIDC authorization endpoint at the client side. - **redirectUri** () The sign-in callback redirect URI for the application. This URI must be registered in the application's OIDC client metadata. If not provided, Logto will use the first registered redirect URI of the application. Only available when `autoSendAuthorizationRequest` is `true`. - **authParameters** () The additional parameters to be sent to the application's OIDC authorization endpoint, e.g. `resources` and `scopes`. Only available when `autoSendAuthorizationRequest` is `true`. ## Responses ### 200: The updated IdP initiated auth config. #### Body Parameters: application/json (object) - **tenantId** (string) - **connectorId** (string) - **defaultApplicationId** (string) - **redirectUri** (string | null) - **authParameters** (object) - **autoSendAuthorizationRequest** (boolean) - **clientIdpInitiatedAuthCallbackUri** (string | null) - **createdAt** (number) ### 400: The request body is invalid. The SSO connector is not a SAML connector or the application is not a Traditional web application. ### 401: Unauthorized ### 403: Forbidden ### 404: SSO connector or application not found. [Powered by Bump.sh](https://bump.sh)