- URL:https://[root]/portals/[portalID]/idp/[idpID]/update(POST only)
Example usage
Below is a sample ArcGIS Online multipart POST request for the update operation:
POST /sharing/rest/portals/0123456789ABCDEF/idp/wmwHndkeZHZxOg45/update HTTP/1.1
Host: org.arcgis.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Length: []
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="name"
SAML / ADFS
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="signUpMode"
Automatic
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="entityId"
org.domain.com.portal
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="roleId"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="level"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userLicenseType"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="idpMetadataUrl"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="idpMetadataFile"; filename=""
Content-Type: application/octet-stream
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="bindingUrl"
https://domain.com.com/adfs/ls/idpinitiatedsignon.aspx
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="postBindingUrl"
https://domain.com.com/adfs/ls/idpinitiatedsignon.aspx
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="logoutUrl"
https://domain.com.com/adfs/ls/
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="certificate"
MIIC7DCCAdSgAwIBAgIQFbBmTUp9fKJJB/elgcdwxzANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDEydBREZTIFNpZ25pbmcgLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wHhcNMjAwMzMwMjAyMTA0WhcNMjEwMzMwMjAyMTA0WjAyMTAwLgYDVQQDEydBREZTIFNpZ25pbmcgLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2gmwU3Iw8GkNBGiVF3bigUdBmfMsLYOZVZVSUs9Dhv4i5KTjGyDY5ToR7G/Y4ie5C847IXkoVO9Zaywyd7DFuZIrDm34zjs7UkaTXMRwE9C42ndpktARiX2gIvaM9ZC/By71NidtNL3nXEwW0MYufgKRnX39GgEfBdgbr1Hv1R3tjb4OvX4bHthWjN30IW9jcYLOIB9eR8Mwtd45xGLZlXi2rqFta+amGB2jh87nJQawJP5WnUa+AHz1wsK3Q3reiEEiPUtfv/9wvjcbYy9rhuiuR9kgcvP9wzMjWOsjQeYm0hjEmXHb/rB/VeNcr+aXNsqb0CnFNsJeI0cmPN3bLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGD+hPYcGxHnJqGZ2bgtwD2w7AkgKX76Ta/Muy3uuZkojOG9eT8VYShnjKsfotbOGYsWUXnFNDd8n0jDfHv6ieVc4UoCTqxwycxj5FLjCV3s+AoiCniPqcdRfgjMGxcL9kFJS8KKzyvcFS8Hz/2r6fl69hJdRAjViIunhA7yoRc9bGNvQ54blJ/ykHzoaG/o6fPdkG2pbFqCXLYm0JbFpXKao3Hk8l8xdBBFXgUU57LQKkdGNvIgerHoLmgwyd0p5LVT78iwl6Y4cGZDnGs9QR5osLn2WKdECyOpj6n0wBmy6uf4xCGcH9AJ+ZafvxqBb21YNHxRUAnncf8/tqrelHM=
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="encryptionCertificate"
MIIC8jCCAdqgAwIBAgIQc/xsSmk91Y1Cfufo32bE1DANBgkqhkiG9w0BAQsFADA1MTMwMQYDVQQDEypBREZTIEVuY3J5cHRpb24gLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wHhcNMjAwMzMwMjAyMTA0WhcNMjEwMzMwMjAyMTA0WjA1MTMwMQYDVQQDEypBREZTIEVuY3J5cHRpb24gLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIli4ws8yF3S6CBrtILXyc+YBVZrdkf8nA0Jp1N+8VDRvC7pB8pkOB2zlWZxb0w72QgwKNLOlSGqc2O06/VHXwrOdBqqGLh9rPG5nygMjoiXoZ82/gu+OZHH4e5LEY7BBZ6HME/jCXdu0Y4e6tjLuDXusxDOGeT4xYeFCV6VRlW6O153cR13FNaslndeEhweVvVuvdsOGB2yY3Uuv4x+RJesxCikSYg6g306Xin6vcbuMJ427bSCrGZZw3iaMQQcBwIkPQ3/c1hC7Z5CJ4I2rcIW91tgCMS5pQxHR2IRjC82Z1Snwj1KHo9opK8xy3MY1csc+ezwRTKE0uhroMa9GVAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB2Rp5BymejVGQL4a2d2OkvK8tt0e1f8/vgcomCEMETPoDa0UWJ4JTVgsf0PAWa5Sf/t68TsDaTm4Xom8ZMLov7WUqEkA1zSZr2IaZ/ozIvNH94aYv4MY99MHK5eJoOqjau0Tc4Us2j0teoVAGmuCYL/H9i34tZ2ExLJzp1SO1/35tGFmEajPVfOb6o9RZX2aZtc/i+dffuf9mRWLm1ujmHITntgP7kJYhehTOCfGLbwuMmR4jZhLCzrXkAAqX+m3Odpiq9Q0/8cvuzyIdyiftNYYoMj8b1f8Q2snjQtxE9juoXs5k1xOgxke3X2SRrQgNQ7zFSLKP1TURJpG98WqF0=
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userCreditAssignment"
-1
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="groups"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userType"
arcgisonly
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="f"
pjson
------WebKitFormBoundaryc6E2kBLlZBZPaIyb--Below is a sample ArcGIS Enterprise multipart POST request for the update operation:
POST /webadaptor/sharing/rest/portals/0123456789ABCDEF/idp/wmwHndkeZHZxOg45/update HTTP/1.1
Host: machine.domain.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Length: []
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="name"
SAML / ADFS
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="signUpMode"
Automatic
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="entityId"
org.domain.com.portal
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="roleId"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="level"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userLicenseType"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="idpMetadataUrl"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="idpMetadataFile"; filename=""
Content-Type: application/octet-stream
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="bindingUrl"
https://domain.com.com/adfs/ls/idpinitiatedsignon.aspx
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="postBindingUrl"
https://domain.com.com/adfs/ls/idpinitiatedsignon.aspx
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="logoutUrl"
https://domain.com.com/adfs/ls/
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="certificate"
MIIC7DCCAdSgAwIBAgIQFbBmTUp9fKJJB/elgcdwxzANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDEydBREZTIFNpZ25pbmcgLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wHhcNMjAwMzMwMjAyMTA0WhcNMjEwMzMwMjAyMTA0WjAyMTAwLgYDVQQDEydBREZTIFNpZ25pbmcgLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2gmwU3Iw8GkNBGiVF3bigUdBmfMsLYOZVZVSUs9Dhv4i5KTjGyDY5ToR7G/Y4ie5C847IXkoVO9Zaywyd7DFuZIrDm34zjs7UkaTXMRwE9C42ndpktARiX2gIvaM9ZC/By71NidtNL3nXEwW0MYufgKRnX39GgEfBdgbr1Hv1R3tjb4OvX4bHthWjN30IW9jcYLOIB9eR8Mwtd45xGLZlXi2rqFta+amGB2jh87nJQawJP5WnUa+AHz1wsK3Q3reiEEiPUtfv/9wvjcbYy9rhuiuR9kgcvP9wzMjWOsjQeYm0hjEmXHb/rB/VeNcr+aXNsqb0CnFNsJeI0cmPN3bLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGD+hPYcGxHnJqGZ2bgtwD2w7AkgKX76Ta/Muy3uuZkojOG9eT8VYShnjKsfotbOGYsWUXnFNDd8n0jDfHv6ieVc4UoCTqxwycxj5FLjCV3s+AoiCniPqcdRfgjMGxcL9kFJS8KKzyvcFS8Hz/2r6fl69hJdRAjViIunhA7yoRc9bGNvQ54blJ/ykHzoaG/o6fPdkG2pbFqCXLYm0JbFpXKao3Hk8l8xdBBFXgUU57LQKkdGNvIgerHoLmgwyd0p5LVT78iwl6Y4cGZDnGs9QR5osLn2WKdECyOpj6n0wBmy6uf4xCGcH9AJ+ZafvxqBb21YNHxRUAnncf8/tqrelHM=
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="encryptionCertificate"
MIIC8jCCAdqgAwIBAgIQc/xsSmk91Y1Cfufo32bE1DANBgkqhkiG9w0BAQsFADA1MTMwMQYDVQQDEypBREZTIEVuY3J5cHRpb24gLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wHhcNMjAwMzMwMjAyMTA0WhcNMjEwMzMwMjAyMTA0WjA1MTMwMQYDVQQDEypBREZTIEVuY3J5cHRpb24gLSBycHVid2lubG0wMS5hZ3MuZXNyaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIli4ws8yF3S6CBrtILXyc+YBVZrdkf8nA0Jp1N+8VDRvC7pB8pkOB2zlWZxb0w72QgwKNLOlSGqc2O06/VHXwrOdBqqGLh9rPG5nygMjoiXoZ82/gu+OZHH4e5LEY7BBZ6HME/jCXdu0Y4e6tjLuDXusxDOGeT4xYeFCV6VRlW6O153cR13FNaslndeEhweVvVuvdsOGB2yY3Uuv4x+RJesxCikSYg6g306Xin6vcbuMJ427bSCrGZZw3iaMQQcBwIkPQ3/c1hC7Z5CJ4I2rcIW91tgCMS5pQxHR2IRjC82Z1Snwj1KHo9opK8xy3MY1csc+ezwRTKE0uhroMa9GVAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB2Rp5BymejVGQL4a2d2OkvK8tt0e1f8/vgcomCEMETPoDa0UWJ4JTVgsf0PAWa5Sf/t68TsDaTm4Xom8ZMLov7WUqEkA1zSZr2IaZ/ozIvNH94aYv4MY99MHK5eJoOqjau0Tc4Us2j0teoVAGmuCYL/H9i34tZ2ExLJzp1SO1/35tGFmEajPVfOb6o9RZX2aZtc/i+dffuf9mRWLm1ujmHITntgP7kJYhehTOCfGLbwuMmR4jZhLCzrXkAAqX+m3Odpiq9Q0/8cvuzyIdyiftNYYoMj8b1f8Q2snjQtxE9juoXs5k1xOgxke3X2SRrQgNQ7zFSLKP1TURJpG98WqF0=
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userCreditAssignment"
-1
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="groups"
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="userType"
arcgisonly
------WebKitFormBoundaryc6E2kBLlZBZPaIyb
Content-Disposition: form-data; name="f"
pjson
------WebKitFormBoundaryc6E2kBLlZBZPaIyb--Description
The Update IDP operation (POST only) allows the organization administrator to edit the enterprise login configuration with a single IDP.
Request parameters
| Parameter | Details |
|---|---|
| name | The identity provider name. |
| idpMetadataFile | Metadata file that contains information about the IDP. One can also specify the settings using idpMetadataUrl or bindingUrl, postBindingUrl, and certificate parameters alternatively. |
| idpMetadataUrl | Metadata URL that returns information about the IDP. |
| bindingUrl | The HTTP redirect binding IDP's URL that your organization uses to allow a member to sign in. |
| postBindingUrl | The HTTP POST binding IDP's URL that your organization uses to allow a member to sign in. |
| certificate | Base64-encoded certificate text used to validate metadata service, enclosed between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----. |
| logoutUrl | IDP URL used to sign out a signed-in user (automatically set if the property is specified in the IDP metadata file). |
| entityId | Entity ID used to identify the organization in IDP. |
| signUpMode | Determines whether enterprise members join the organization automatically or through an invitation. Values: Automatic | Invitation |
| encryptionSupported | If true, it indicates to the identity provider that encrypted SAML assertion responses are supported. The default is false. Values: true | false |
| roleId | The default role members are assigned. This is used when signUpMode is Automatic. |
| supportSignedRequest | If true, the organization signs the SAML authentication request sent to the IDP. The default is false. Values: true | false |
| useSHA256 | If true, the organization signs the request using the SHA-256 hash function. This parameter is used when supportSignedRequest is true. The default is false. Values: true | false |
| supportsLogoutRequest | If true, signing out of the organization propagates logout of the IDP. The default is false. Values: true | false |
| level | Legacy:This parameter has been deprecated as of ArcGIS Enterprise 10.7 and the December 2018 update of ArcGIS Online. Users should instead use the userLicenseType parameter below. Default license level members are assigned. This is used when signUpMode is Automatic. |
| userLicenseType | Default user license type members are assigned. This parameter is used when signUpMode is Automatic. |
| groups | An array of group members are added upon joining the organization. This parameter is used when signUpMode is Automatic. Example |
| userCreditAssignment | Used when the organization has credit budgeting enabled. This parameter assigns a specific credit allocation for each joining member or to the default organization limit with -1. |
| updateProfileAtSignin | If true, automatically syncs user account information (for instance, full name and email address) stored in ArcGIS Online with the information received from the IDP. The default is false. Values: true | false |
| updateGroupsAtSignin | If true, it enables SAML-based group membership that allows organization members to link specified SAML-based enterprise groups to ArcGIS Online groups during group creation. The default is false. Values: true | false |
| userType | Determines if new members will have Esri access (both) or if Esri access will be disabled (arcgisonly). The default value is arcgisonly. Note:While this parameter only applies to ArcGIS Online, the value for this parameter will still be passed through in ArcGIS Enterprise requests for this operation. This will have no impact on your ArcGIS Enterprise organization. Values: arcgisonly | both |
| clearEmptyFields | Clears any string fields that are passed in empty. Example |
| f | The response format. The default format is html. Values: html | json | pjson |
Response properties
| Property | Details |
|---|---|
| success | Indicates if the operation was successful. |
| idpId | The ID of the organization IDP registration. |
JSON Response syntax
{
"success": true,
"idpId": "<idpId>"
}JSON Response example
{
"success": true,
"idpId": "wmwHndkeZHZxOg45"
}