REST API for Identity Federation
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude

Treasure Data uses the same API endpoints for all our Identity Providers. You can set different values in your payload body to specify the needs of your IdP, including your identity provider name, sign-in and sign-out endpoints, or certification of IdP.

This reference contains APIs for various operations, including getting, creating, editing, deleting configurations for SSO and user settings.

V3 SSO Settings

GET /v3/account/sso_setting

Get SSO settings.

HTTP Verb	Resource	Description
GET	`/v3/account/sso_setting`	Gets account settings for their SSO configuration.

Parameter Name	Required	Type	Description
`sso_setting`	Yes	object	An SSO setting

Sample Request

curl Request**

**Sample Request**

```curl Sample Request
curl --request GET 
--location 'https://api.treasuredata.com/v3/account/sso_setting' \
--header 'Content-Type: application/json' \
--header 'Authorization: TD1 \<td_api_token>'

Sample Response Status: 200 OK

{
  "sso_setting": {
    "cert": "-----BEGIN CERTIFICATE----- xxx -----END CERTIFICATE-----",
    "identity_provider_name": "AzureAD",
    "sign_in_endpoint": "https://login.example.com/ffffffff-ffff-ffff-ffff-ffffffffffff/saml",
    "sign_out_endpoint": "https://login.exmple.com/signout",
    "strategy": "samlp",
    "updated_at": "2020-12-31T11:22:33.000Z"
  }
}

POST /v3/account/sso_setting

Creates a new SSO setting.

HTTP Verb	Resource	Description
POST	`/v3/account/sso_setting`	Allows admin to create and configure IdP for an account.

Parameter Name	Required	Type	Description
`sso_setting`	Yes	object	An SSO setting

Sample Request

curl --request POST
--location 'https://api.treasuredata.com/v3/account/sso_setting' \ 
--header 'Content-Type: application/json' \
--header 'Authorization: TD1 \<td_api_token>'
--data-raw '{
    "sso_setting": {
        "sign_in_endpoint": "urn:treasuredata:sso:eu01:1",
        "sign_out_endpoint": null,
        "cert": "-----BEGIN CERTIFICATE-----\r\xxxxx\r\n-----END CERTIFICATE-----\r\n"
    }
}

Sample Response Status: 200 OK

{
  "sso_setting": {
    "cert": "-----BEGIN CERTIFICATE----- xxx -----END CERTIFICATE-----",
    "identity_provider_name": "AzureAD",
    "sign_in_endpoint": "https://login.example.com/ffffffff-ffff-ffff-ffff-ffffffffffff/saml",
    "sign_out_endpoint": "https://login.exmple.com/signout",
    "strategy": "samlp",
    "updated_at": "2020-12-31T11:22:33.000Z"
  }
}

PUT /v3/account/sso_setting

Updates to an IdP account setting.

HTTP Verb	Resource	Description
POST	`/v3/account/sso_setting`	Allows admin to make updates to an IdP account setting.

Parameter Name	Required	Type	Description
`sso_setting`	Yes	object	An SSO setting

Sample Request

curl --request PUT
--location 'https://api.treasuredata.com/v3/account/sso_setting' \
--header 'Content-Type: application/json' \
--header 'Authorization: TD1 \<td_api_token>'
--data-raw '{
    "sso_setting": {
        "sign_in_endpoint": "urn:treasuredata:sso:eu01:1",
        "sign_out_endpoint": null,
        "cert": "-----BEGIN CERTIFICATE-----\r\xxxxx\r\n-----END CERTIFICATE-----\r\n"
    }
}

Sample Response Status: 200 OK

{
  "sso_setting": {
    "cert": "-----BEGIN CERTIFICATE----- xxx -----END CERTIFICATE-----",
    "identity_provider_name": "AzureAD",
    "sign_in_endpoint": "https://login.example.com/ffffffff-ffff-ffff-ffff-ffffffffffff/saml",
    "sign_out_endpoint": "https://login.exmple.com/signout",
    "strategy": "samlp",
    "updated_at": "2020-12-31T11:22:33.000Z"
  }
}

DELETE /v3/account/sso_setting

Delete an IdP account setting.

HTTP Verb	Resource	Description
DELETE	`/v3/account/sso_setting`	Allows admin to delete an IdP account setting.

Parameter Name	Required	Type	Description
`sso_setting`	Yes	object	An SSO setting

Sample Request

curl --request DELETE 
--location 'https://api.treasuredata.com/v3/account/sso_setting' \
--header 'Content-Type: application/json' \
--header 'Authorization: TD1 \<td_api_token>'

V3 User Settings

POST /v3/user/create_with_sso/:user_first_name

Create a user with SSO.

HTTP Verb	Resource	Description
POST	`/v3/user/create_with_sso/:user_first_name`	Allows the admin to create a user with SSO.

Parameter Name	Required	Type	Description
`user_first_name`	Yes	string	First name of user
`email`	Yes	string	Email user uses to log in
`identifier`	Yes	string	SSO identifier from IdP

Sample Request

curl --request POST 
--location 'https://api.treasuredata.com/v3/user/create_with_sso/:user_first_name' \ 
--header 'Content-Type: application/json' \ 
--header 'Authorization: TD1 \<td_api_token>' 
--data-raw '{ 
    "sso_setting": { "user_first_name": "user_first_name", 
    "email": "email@abc.com", 
    "identifier": "12345678" 
    } 
}

Sample Response Status: 200 OK

{
  "first_name": "Jake",
  "email": "jake@companyName.com",
  "identifier": "employee_number-00001"
}

POST /v3/user/enforce_sso/:user_email

Enforces SSO.

HTTP Verb	Resource	Description
POST	`/v3/user/enforce_sso/:user_email`	Allows admin to make it mandatory for a user to login with SSO.

Parameter Name	Required	Type	Description
`user_email`	Yes	string	Email of the user
`identifier`	Yes	string	SSO identifier from IdP

Sample Request

curl --request POST 
--location 'https://api.treasuredata.com/v3/user/enforce_sso/:user_email' \ 
--header 'Content-Type: application/json' \ 
--header 'Authorization: TD1 \<td_api_token>' 
--data-raw '{ 
    "sso_setting": { "user_email": "user_email",
    "identifier": "12345678"
    }
}

Sample Response Status: 200 OK

{
  "email": "jake@companyName.com",
  "identifier": "employee_number-00001"
}

POST /v3/user/enable_sso/:user_email

Enables SSO for a user.

HTTP Verb	Resource	Description
POST	`/v3/user/enable_sso/:user_email`	Allows admin to permit a user to login with SSO.

Parameter Name	Required	Type	Description
`user_email`	Yes	string	Email of the user
`identifier`	Yes	string	SSO identifier from IdP

Sample Request

curl --request POST 
--location 'https://api.treasuredata.com/v3/user/enable_sso/:user_email' \ --header 'Content-Type: application/json' \ 
--header 'Authorization: TD1 \<td_api_token>' 
--data-raw '{ 
    "sso_setting": { "user_email": "user_email",
    "identifier": "12345678"
    }
}

Sample Response Status: 200 OK

{
  "email": "jake@companyName.com",
  "identifier": "employee_number-00001"
}

POST /v3/user/disable_sso/:user_email

Disables SSO for a user.

HTTP Verb	Resource	Description
POST	`/v3/user/disable_sso/:user_email`	Allows admin to prohibit a user from logging in with SSO.

Parameter Name	Required	Type	Description
`user_email`	Yes	string	Email of the user

Sample Request

Sample Request

curl --request POST 
--location 'https://api.treasuredata.com/v3/user/disable_sso/:user_email' \ 
--header 'Content-Type: application/json' \ 
--header 'Authorization: TD1 \<td_api_token>' 
--data-raw '{ 
    "sso_setting": { "user_email": "user_email"
    }
}

REST API for Identity FederationCopyCopy for LLMCopy page as Markdown for LLMsView as MarkdownOpen this page as MarkdownOpen in ChatGPTGet insights from ChatGPTOpen in ClaudeGet insights from Claude

V3 SSO Settings

GET /v3/account/sso_setting

POST /v3/account/sso_setting

PUT /v3/account/sso_setting

DELETE /v3/account/sso_setting

V3 User Settings

POST /v3/user/create_with_sso/:user_first_name

POST /v3/user/enforce_sso/:user_email

POST /v3/user/enable_sso/:user_email

POST /v3/user/disable_sso/:user_email

Was this helpful?

REST API for Identity Federation
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude