List SAML application secrets

GET /api/saml-applications/{id}/secrets

Get all signing certificates of the SAML application.

Path parameters

  • id string Required

    The unique identifier of the saml application.

Responses

  • 200 application/json

    A list of signing certificates.

    Hide response attributes Show response attributes object
    • id string Required

      The ID of the signing certificate.

      Minimum length is 1, maximum length is 21.

    • certificate string Required

      The X.509 certificate in PEM format.

      Minimum length is 1.

    • createdAt number Required
    • expiresAt string(date-time) Required

      The expiration time of the certificate.

    • active boolean Required
    • fingerprints object Required
      Hide fingerprints attribute Show fingerprints attribute object
      • sha256 object Required
        Hide sha256 attributes Show sha256 attributes object
        • formatted string Required
        • unformatted string Required
    • fingerprint string

      The SHA-256 fingerprint of the certificate.

    • isActive boolean

      Whether this certificate is currently active.

  • 400

    Bad Request

  • 401

    Unauthorized

  • 403

    Forbidden

  • 404

    The SAML application was not found.

GET /api/saml-applications/{id}/secrets
curl \
 --request GET 'https://[tenant_id].logto.app/api/saml-applications/{id}/secrets' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200)
[
  {
    "id": "string",
    "certificate": "string",
    "createdAt": 42.0,
    "expiresAt": "2025-05-04T09:42:00Z",
    "active": true,
    "fingerprints": {
      "sha256": {
        "formatted": "string",
        "unformatted": "string"
      }
    },
    "fingerprint": "string",
    "isActive": true
  }
]