Skip to main contentIBM Video Streaming Developers

SSO Settings

This API call is used to configure the Account’s SSO login settings. Currently two types of SSO providers are supported: Google Apps and SAML based.

Get the current settings

This API call lists the current settings of the Organization’s SSO login.

GET https://api.video.ibm.com/organizations/{organizationId}/sso.json

Example of the request:

GET /organizations/ZzzqXZ/sso.json HTTP/1.1
Host: api.video.ibm.com
Authorization: Bearer 3c2573673b782f6544405a22636f3d5d3b6f3950

The token in the above call is only an example.

Success response

Upon success, key-value pairs are returned with an HTTP Status code of 200.

KEYTYPEDESCRIPTION
allow_sso_loginbooleanSSO login is enabled
login_methodstringType of SSO login. Possible values: samlsso, googlesso, none

Example of a success response:

{
"allow_sso_login": true,
"login_method": "samlsso"
}

Error responses

Possible error responses:

HTTP RESPONSE CODEERROR CONDITIONS
401 UnauthorizedThe provided access token is missing, revoked, expired or malformed
403 ForbiddenThe provided access token has no access to the user
503 Service UnavailableThere is a temporary error on the server which makes it impossible to serve the request

Turn on/off SSO login

This API call allows to turn off/on the Organization’s SSO login.

PUT https://api.video.ibm.com/organizations/{organizationId}/sso.json

Parameters

The parameters for the POST request:

PARAMETERTYPEIMPORTANCEDESCRIPTION
allow_sso_loginbooleanREQUIREDSSO login is enabled

To change the login method you have to set the method’s settings. (Set Google SSO settings, Set Google SSO settings)

The Content-Type of the request should be application/x-www-form-urlencoded.

Example of the request:

PUT /organization/ZzzqXZ/sso.json HTTP/1.1
Host: api.video.ibm.com
Authorization: Bearer 3c2573673b782f6544405a22636f3d5d3b6f3950
Content-Type: application/x-www-form-urlencoded
allow_sso_login=true

The token in the above call is only an example.

Success response

Upon success the response body is empty with an HTTP Status code of 204.

Error responses

Possible error responses:

HTTP RESPONSE CODEERROR CONDITIONS
400 Bad RequestWe couldn’t update the Organization with the provided parameters
401 UnauthorizedThe provided access token is missing, revoked, expired or malformed
403 ForbiddenThe provided access token has no access to the user
503 Service UnavailableThere is a temporary error on the server which makes it impossible to serve the request

Get the current Google SSO settings

This API call lists the current Google settings of the Organization’s SSO login.

GET https://api.video.ibm.com/organizations/{organizationId}/sso/google.json

Example of the request:

GET /organizations/ZzzqXZ/sso/google.json HTTP/1.1
Host: api.video.ibm.com
Authorization: Bearer 3c2573673b782f6544405a22636f3d5d3b6f3950

Note that the token in the above call is only an example.

Success response

Upon success, key-value pairs are returned with an HTTP Status code of 200.

KEYTYPEDESCRIPTION
hosted_domainstringGoogle Apps domain

Example of a success response:

{
"hosted_domain": "example.com"
}

Error responses

Possible error responses:

HTTP RESPONSE CODEERROR CONDITIONS
401 UnauthorizedThe provided access token is missing, revoked, expired or malformed
403 ForbiddenThe provided access token has no access to the user
404 Not FoundIf Google SSO settings previously hadn’t been set
503 Service UnavailableThere is a temporary error on the server which makes it impossible to serve the request

Set Google SSO settings

This API call is used to set the Organization’s Google SSO login settings. Note that setting the SSO domain doesn’t automatically turn SSO login on.

PUT https://api.video.ibm.com/organizations/{organizationId}/sso/google.json

Parameters

The parameters for the PUT request:

PARAMETERTYPEIMPORTANCEDESCRIPTION
hosted_domainstringREQUIREDGoogle Apps domain

The Content-Type of the request should be application/x-www-form-urlencoded.

Example of the request:

PUT /organization/ZzzqXZ/sso/google.json HTTP/1.1
Host: api.video.ibm.com
Authorization: Bearer 3c2573673b782f6544405a22636f3d5d3b6f3950
Content-Type: application/x-www-form-urlencoded
hosted_domain=example.com

Note that the token in the above call is only an example.

Success response

Upon success the response body is empty with an HTTP Status code of 204.

Error responses

Possible error responses:

HTTP RESPONSE CODEERROR CONDITIONS
400 Bad RequestWe couldn’t update the Organization with the provided parameters (eg.: invalid domain)
401 UnauthorizedThe provided access token is missing, revoked, expired or malformed
403 ForbiddenThe provided access token has no access to the user
503 Service UnavailableThere is a temporary error on the server which makes it impossible to serve the request

Get the current SAML SSO settings

This API call lists the current SAML settings of the Organization’s SSO login.

GET https://api.video.ibm.com/organizations/{organizationId}/sso/saml.json

Example of the request:

GET /organizations/ZzzqXZ/sso/saml.json HTTP/1.1
Host: api.video.ibm.com
Authorization: Bearer 3c2573673b782f6544405a22636f3d5d3b6f3950

Note that the token in the above call is only an example.

Success response

Upon success, key-value pairs are returned with an HTTP Status code of 200.

KEYTYPEDESCRIPTION
entity_idstringEntity ID
certificate_datastringCertificate
login_urlstringLogin URL
logout_modestringLogin mode. Possible values: local, global
logout_urlstringLogout URL if Login mode is global

Example of a success response:

{
"entity_id": "https://sso.example.info/entity",
"certificate_data": "MIIJnz...",
"login_url": "https://example.com/login",
"logout_mode": "global",
"logout_url": "https://example.com/logout"
}

The certificate_data in the above call is truncated for clarity.

Error responses

Possible error responses:

HTTP RESPONSE CODEERROR CONDITIONS
401 UnauthorizedThe provided access token is missing, revoked, expired or malformed
403 ForbiddenThe provided access token has no access to the user
404 Not FoundIf SAML SSO settings previously hadn’t been set
503 Service UnavailableThere is a temporary error on the server which makes it impossible to serve the request

Set SAML SSO settings

This API call is used to set the Organization’s Google SSO login settings. Setting the SSO domain doesn’t automatically turn SSO login on.

PUT https://api.video.ibm.com/organizations/{organizationId}/sso/saml.json

Parameters

The parameters for the PUT request:

PARAMETERTYPEIMPORTANCEDESCRIPTION
entity_idstringREQUIREDEntity ID
certificate_datastringREQUIREDCertificate
login_urlstringREQUIREDLogin URL
logout_modestringREQUIREDLogout mode. Possible values: local, global
logout_urlstringOPTIONALLogout URL. Required if logout_mode is global

The Content-Type of the request should be application/x-www-form-urlencoded.

Example of the request:

PUT /organization/ZzzqXZ/sso/saml.json HTTP/1.1
Host: api.video.ibm.com
Authorization: Bearer 3c2573673b782f6544405a22636f3d5d3b6f3950
Content-Type: application/x-www-form-urlencoded
entity_id=https%3A%2F%2Fsso.example.info%2Fentity&certificate_data=MIIJnz...&login_url=https%3A%2F%2Fexample.com%2Flogin&logout_mode=global&logout_url=https%3A%2F%2Fexample.com%2Flogout

Note that the token in the above call is only an example.

The certificate_data in the above call is truncated for clarity.

Success response

Upon success the response body is empty with an HTTP Status code of 204.

Error responses

Possible error responses:

HTTP RESPONSE CODEERROR CONDITIONS
400 Bad RequestWe couldn’t update the Organization with the provided parameters (eg.: invalid domain)
401 UnauthorizedThe provided access token is missing, revoked, expired or malformed
403 ForbiddenThe provided access token has no access to the user
503 Service UnavailableThere is a temporary error on the server which makes it impossible to serve the request