Skip To Content

/[idpID]/update: Update IDP

  • URL:https://[root]/portals/[portalID]/idp/[idpID]/update(POST only)

Example usage

Below is a sample ArcGIS Online multipart POST request for the update operation:


POST /sharing/rest/portals/0123456789ABCDEF/idp/wmwHndkeZHZxOg45/update HTTP/1.1
Host: org.arcgis.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Length: []

------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="name"

SAML / ADFS
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="signUpMode"

Automatic
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="entityId"

org.domain.com.portal
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="roleId"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="level"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userLicenseType"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="idpMetadataUrl"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="idpMetadataFile"; filename=""
Content-Type: application/octet-stream


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="bindingUrl"

https://domain.com.com/adfs/ls/idpinitiatedsignon.aspx
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="postBindingUrl"

https://domain.com.com/adfs/ls/idpinitiatedsignon.aspx
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="logoutUrl"

https://domain.com.com/adfs/ls/
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="certificate"

MIIC7DCCAdSgAwIBAgIQFbBmTUp9fKJJB/elgcdwxzANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDEydBREZTIFNpZ25pbmcgLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wHhcNMjAwMzMwMjAyMTA0WhcNMjEwMzMwMjAyMTA0WjAyMTAwLgYDVQQDEydBREZTIFNpZ25pbmcgLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2gmwU3Iw8GkNBGiVF3bigUdBmfMsLYOZVZVSUs9Dhv4i5KTjGyDY5ToR7G/Y4ie5C847IXkoVO9Zaywyd7DFuZIrDm34zjs7UkaTXMRwE9C42ndpktARiX2gIvaM9ZC/By71NidtNL3nXEwW0MYufgKRnX39GgEfBdgbr1Hv1R3tjb4OvX4bHthWjN30IW9jcYLOIB9eR8Mwtd45xGLZlXi2rqFta+amGB2jh87nJQawJP5WnUa+AHz1wsK3Q3reiEEiPUtfv/9wvjcbYy9rhuiuR9kgcvP9wzMjWOsjQeYm0hjEmXHb/rB/VeNcr+aXNsqb0CnFNsJeI0cmPN3bLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGD+hPYcGxHnJqGZ2bgtwD2w7AkgKX76Ta/Muy3uuZkojOG9eT8VYShnjKsfotbOGYsWUXnFNDd8n0jDfHv6ieVc4UoCTqxwycxj5FLjCV3s+AoiCniPqcdRfgjMGxcL9kFJS8KKzyvcFS8Hz/2r6fl69hJdRAjViIunhA7yoRc9bGNvQ54blJ/ykHzoaG/o6fPdkG2pbFqCXLYm0JbFpXKao3Hk8l8xdBBFXgUU57LQKkdGNvIgerHoLmgwyd0p5LVT78iwl6Y4cGZDnGs9QR5osLn2WKdECyOpj6n0wBmy6uf4xCGcH9AJ+ZafvxqBb21YNHxRUAnncf8/tqrelHM=
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="encryptionCertificate"

MIIC8jCCAdqgAwIBAgIQc/xsSmk91Y1Cfufo32bE1DANBgkqhkiG9w0BAQsFADA1MTMwMQYDVQQDEypBREZTIEVuY3J5cHRpb24gLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wHhcNMjAwMzMwMjAyMTA0WhcNMjEwMzMwMjAyMTA0WjA1MTMwMQYDVQQDEypBREZTIEVuY3J5cHRpb24gLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIli4ws8yF3S6CBrtILXyc+YBVZrdkf8nA0Jp1N+8VDRvC7pB8pkOB2zlWZxb0w72QgwKNLOlSGqc2O06/VHXwrOdBqqGLh9rPG5nygMjoiXoZ82/gu+OZHH4e5LEY7BBZ6HME/jCXdu0Y4e6tjLuDXusxDOGeT4xYeFCV6VRlW6O153cR13FNaslndeEhweVvVuvdsOGB2yY3Uuv4x+RJesxCikSYg6g306Xin6vcbuMJ427bSCrGZZw3iaMQQcBwIkPQ3/c1hC7Z5CJ4I2rcIW91tgCMS5pQxHR2IRjC82Z1Snwj1KHo9opK8xy3MY1csc+ezwRTKE0uhroMa9GVAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB2Rp5BymejVGQL4a2d2OkvK8tt0e1f8/vgcomCEMETPoDa0UWJ4JTVgsf0PAWa5Sf/t68TsDaTm4Xom8ZMLov7WUqEkA1zSZr2IaZ/ozIvNH94aYv4MY99MHK5eJoOqjau0Tc4Us2j0teoVAGmuCYL/H9i34tZ2ExLJzp1SO1/35tGFmEajPVfOb6o9RZX2aZtc/i+dffuf9mRWLm1ujmHITntgP7kJYhehTOCfGLbwuMmR4jZhLCzrXkAAqX+m3Odpiq9Q0/8cvuzyIdyiftNYYoMj8b1f8Q2snjQtxE9juoXs5k1xOgxke3X2SRrQgNQ7zFSLKP1TURJpG98WqF0=
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userCreditAssignment"

-1
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="groups"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userType"

arcgisonly
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="f"

pjson
------WebKitFormBoundaryc6E2kBLlZBZPaIyb--

Below is a sample ArcGIS Enterprise multipart POST request for the update operation:


POST /webadaptor/sharing/rest/portals/0123456789ABCDEF/idp/wmwHndkeZHZxOg45/update HTTP/1.1
Host: machine.domain.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Length: []

------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="name"

SAML / ADFS
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="signUpMode"

Automatic
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="entityId"

org.domain.com.portal
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="roleId"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="level"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userLicenseType"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="idpMetadataUrl"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="idpMetadataFile"; filename=""
Content-Type: application/octet-stream


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="bindingUrl"

https://domain.com.com/adfs/ls/idpinitiatedsignon.aspx
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="postBindingUrl"

https://domain.com.com/adfs/ls/idpinitiatedsignon.aspx
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="logoutUrl"

https://domain.com.com/adfs/ls/
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="certificate"

MIIC7DCCAdSgAwIBAgIQFbBmTUp9fKJJB/elgcdwxzANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDEydBREZTIFNpZ25pbmcgLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wHhcNMjAwMzMwMjAyMTA0WhcNMjEwMzMwMjAyMTA0WjAyMTAwLgYDVQQDEydBREZTIFNpZ25pbmcgLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2gmwU3Iw8GkNBGiVF3bigUdBmfMsLYOZVZVSUs9Dhv4i5KTjGyDY5ToR7G/Y4ie5C847IXkoVO9Zaywyd7DFuZIrDm34zjs7UkaTXMRwE9C42ndpktARiX2gIvaM9ZC/By71NidtNL3nXEwW0MYufgKRnX39GgEfBdgbr1Hv1R3tjb4OvX4bHthWjN30IW9jcYLOIB9eR8Mwtd45xGLZlXi2rqFta+amGB2jh87nJQawJP5WnUa+AHz1wsK3Q3reiEEiPUtfv/9wvjcbYy9rhuiuR9kgcvP9wzMjWOsjQeYm0hjEmXHb/rB/VeNcr+aXNsqb0CnFNsJeI0cmPN3bLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGD+hPYcGxHnJqGZ2bgtwD2w7AkgKX76Ta/Muy3uuZkojOG9eT8VYShnjKsfotbOGYsWUXnFNDd8n0jDfHv6ieVc4UoCTqxwycxj5FLjCV3s+AoiCniPqcdRfgjMGxcL9kFJS8KKzyvcFS8Hz/2r6fl69hJdRAjViIunhA7yoRc9bGNvQ54blJ/ykHzoaG/o6fPdkG2pbFqCXLYm0JbFpXKao3Hk8l8xdBBFXgUU57LQKkdGNvIgerHoLmgwyd0p5LVT78iwl6Y4cGZDnGs9QR5osLn2WKdECyOpj6n0wBmy6uf4xCGcH9AJ+ZafvxqBb21YNHxRUAnncf8/tqrelHM=
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="encryptionCertificate"

MIIC8jCCAdqgAwIBAgIQc/xsSmk91Y1Cfufo32bE1DANBgkqhkiG9w0BAQsFADA1MTMwMQYDVQQDEypBREZTIEVuY3J5cHRpb24gLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wHhcNMjAwMzMwMjAyMTA0WhcNMjEwMzMwMjAyMTA0WjA1MTMwMQYDVQQDEypBREZTIEVuY3J5cHRpb24gLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIli4ws8yF3S6CBrtILXyc+YBVZrdkf8nA0Jp1N+8VDRvC7pB8pkOB2zlWZxb0w72QgwKNLOlSGqc2O06/VHXwrOdBqqGLh9rPG5nygMjoiXoZ82/gu+OZHH4e5LEY7BBZ6HME/jCXdu0Y4e6tjLuDXusxDOGeT4xYeFCV6VRlW6O153cR13FNaslndeEhweVvVuvdsOGB2yY3Uuv4x+RJesxCikSYg6g306Xin6vcbuMJ427bSCrGZZw3iaMQQcBwIkPQ3/c1hC7Z5CJ4I2rcIW91tgCMS5pQxHR2IRjC82Z1Snwj1KHo9opK8xy3MY1csc+ezwRTKE0uhroMa9GVAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB2Rp5BymejVGQL4a2d2OkvK8tt0e1f8/vgcomCEMETPoDa0UWJ4JTVgsf0PAWa5Sf/t68TsDaTm4Xom8ZMLov7WUqEkA1zSZr2IaZ/ozIvNH94aYv4MY99MHK5eJoOqjau0Tc4Us2j0teoVAGmuCYL/H9i34tZ2ExLJzp1SO1/35tGFmEajPVfOb6o9RZX2aZtc/i+dffuf9mRWLm1ujmHITntgP7kJYhehTOCfGLbwuMmR4jZhLCzrXkAAqX+m3Odpiq9Q0/8cvuzyIdyiftNYYoMj8b1f8Q2snjQtxE9juoXs5k1xOgxke3X2SRrQgNQ7zFSLKP1TURJpG98WqF0=
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userCreditAssignment"

-1
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="groups"


------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userType"

arcgisonly
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="f"

pjson
------WebKitFormBoundaryc6E2kBLlZBZPaIyb--

Description

The Update IDP operation (POST only) allows the organization administrator to edit the enterprise login configuration with a single IDP.

Request parameters

ParameterDetails
name

The identity provider name.

idpMetadataFile

Metadata file that contains information about the IDP. One can also specify the settings using idpMetadataUrl or bindingUrl, postBindingUrl, and certificate parameters alternatively.

idpMetadataUrl

Metadata URL that returns information about the IDP.

bindingUrl

The HTTP redirect binding IDP's URL that your organization uses to allow a member to sign in.

postBindingUrl

The HTTP POST binding IDP's URL that your organization uses to allow a member to sign in.

certificate

Base64-encoded certificate text used to validate metadata service, enclosed between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.

logoutUrl

IDP URL used to sign out a signed-in user (automatically set if the property is specified in the IDP metadata file).

entityId

Entity ID used to identify the organization in IDP.

signUpMode

Determines whether enterprise members join the organization automatically or through an invitation.

Values: Automatic | Invitation

encryptionSupported

If true, it indicates to the identity provider that encrypted SAML assertion responses are supported. The default is false.

Values: true | false

roleId

The default role members are assigned. This is used when signUpMode is Automatic.

supportSignedRequest

If true, the organization signs the SAML authentication request sent to the IDP. The default is false.

Values: true | false

useSHA256

If true, the organization signs the request using the SHA-256 hash function. This parameter is used when supportSignedRequest is true. The default is false.

Values: true | false

supportsLogoutRequest

If true, signing out of the organization propagates logout of the IDP. The default is false.

Values: true | false

level
Legacy:

This parameter has been deprecated as of ArcGIS Enterprise 10.7 and the December 2018 update of ArcGIS Online. Users should instead use the userLicenseType parameter below.

Default license level members are assigned. This is used when signUpMode is Automatic.

userLicenseType

Default user license type members are assigned. This parameter is used when signUpMode is Automatic.

groups

An array of group members are added upon joining the organization. This parameter is used when signUpMode is Automatic.

Example

["6dc1a6f134b44ebb8d1f1b55f0ad8753","538553267d36484daee14bf60105e119"]
userCreditAssignment

Used when the organization has credit budgeting enabled. This parameter assigns a specific credit allocation for each joining member or to the default organization limit with -1.

updateProfileAtSignin

If true, automatically syncs user account information (for instance, full name and email address) stored in ArcGIS Online with the information received from the IDP. The default is false.

Values: true | false

updateGroupsAtSignin

If true, it enables SAML-based group membership that allows organization members to link specified SAML-based enterprise groups to ArcGIS Online groups during group creation. The default is false.

Values: true | false

userType

Determines if new members will have Esri access (both) or if Esri access will be disabled (arcgisonly). The default value is arcgisonly.

Note:

While this parameter only applies to ArcGIS Online, the value for this parameter will still be passed through in ArcGIS Enterprise requests for this operation. This will have no impact on your ArcGIS Enterprise organization.

Values: arcgisonly | both

clearEmptyFields

Clears any string fields that are passed in empty.

Example

clearEmptyFields=true
f

The response format. The default format is html.

Values: html | json | pjson

Response properties

PropertyDetails
success

Indicates if the operation was successful.

idpId

The ID of the organization IDP registration.

JSON Response syntax


{
  "success": true,
  "idpId": "<idpId>"
}

JSON Response example


{
  "success": true,
  "idpId": "wmwHndkeZHZxOg45"
}