Frontegg · Capability

Frontegg SSO API

Frontegg SSO API capability. 29 operations. Lead operation: Get vendor's SAML config. Self-contained Naftiko capability for the Frontegg Frontegg SSO business surface.

Run with Naftiko FronteggSSO

What You Can Do

GET
Samlcontrollerv1_getvendorsamlconfig — Get vendor's SAML config
/v1/resources/sso/v1/saml/configurations/vendor-config
GET
Samlcontrollerv1_getspcertificate — Get service provider certificate
/v1/resources/sso/v1/saml/configurations/sp-certificate
GET
Samlcontrollerv1_getspmetadata — Get service provider metadata
/v1/resources/sso/v1/saml/configurations/sp-metadata
POST
Ssoconfigurationcontrollerv1_createssoconfiguration — Create SSO configuration
/v1/resources/sso/v1/configurations
GET
Ssoconfigurationcontrollerv1_getssoconfigurations — Get SSO configurations
/v1/resources/sso/v1/configurations
DELETE
Ssoconfigurationcontrollerv1_deletessoconfiguration — Delete SSO configuration
/v1/resources/sso/v1/configurations/{configurationId}
PATCH
Ssoconfigurationcontrollerv1_updatessoconfiguration — Update SSO configuration
/v1/resources/sso/v1/configurations/{configurationId}
POST
Ssoconfigurationcontrollerv1_createssoconfigurationbymetadata — Create SSO configuration using metadata
/v1/resources/sso/v1/configurations/metadata
PUT
Ssoconfigurationcontrollerv1_updatessoconfigurationbymetadata — Update SSO configuration using metadata
/v1/resources/sso/v1/configurations/{configurationId}/metadata
POST
Ssodomaincontrollerv1_createssodomain — Create SSO domain
/v1/resources/sso/v1/configurations/{configurationId}/domains
DELETE
Ssodomaincontrollerv1_deletessodomain — Delete SSO domain
/v1/resources/sso/v1/configurations/{configurationId}/domains/{domainId}
PUT
Ssodomaincontrollerv1_validatessodomainbyemail — Validate SSO domain by email
/v1/resources/sso/v1/configurations/{configurationId}/domains/{domainId}/validate/email
PUT
Ssodomaincontrollerv2_validatessodomain — Validate SSO domain
/v1/resources/sso/v2/configurations/{configurationId}/domains/{domainId}/validate
PUT
Ssorolescontrollerv1_setssodefaultroles — Set SSO default roles
/v1/resources/sso/v1/configurations/{configurationId}/roles
GET
Ssorolescontrollerv1_getssodefaultroles — Get SSO default roles
/v1/resources/sso/v1/configurations/{configurationId}/roles
POST
Ssogroupscontrollerv1_createssogroup — Create an SSO group
/v1/resources/sso/v1/configurations/{configurationId}/groups
GET
Ssogroupscontrollerv1_getssogroup — Get SSO group
/v1/resources/sso/v1/configurations/{configurationId}/groups
PATCH
Ssogroupscontrollerv1_updatessogroup — Update SSO group
/v1/resources/sso/v1/configurations/{configurationId}/groups/{groupId}
DELETE
Ssogroupscontrollerv1_deletessogroup — Delete SSO group
/v1/resources/sso/v1/configurations/{configurationId}/groups/{groupId}
POST
Excludeemailsfromssov1_excludessoemail — Exclude email from SSO
/v1/resources/sso/v1/configurations/excluded-emails
GET
Excludeemailsfromssov1_getssoexcludedemails — Get SSO excluded emails
/v1/resources/sso/v1/configurations/excluded-emails
DELETE
Excludeemailsfromssov1_deletessoexcludedemail — Delete SSO excluded email
/v1/resources/sso/v1/configurations/excluded-emails/{email}
PUT
Vendoronlyssoconfigurationcontrollerv1_forcessodomainvalidation — Vendor only - Force SSO domain validation
/v1/resources/sso/v1/configurations/domains/{domain}/force-validate
GET
Ssopertenantcontrollerv1_getssopertenantconfig — Get SSO per account (tenant) configuration
/v1/resources/sso/v1/configurations/multiple-sso-per-domain
PUT
Ssopertenantcontrollerv1_createorupdatessopertenantconfig — Create or update SSO per account (tenant) configuration
/v1/resources/sso/v1/configurations/multiple-sso-per-domain
PUT
Ssodomainsconfigurationcontrollerv1_createorupdatessodomainsconfiguration — Create or update SSO domains configuration
/v1/resources/sso/v1/configurations/domains
GET
Ssodomainsconfigurationcontrollerv1_getssodomainsconfiguration — Get SSO domains configuration
/v1/resources/sso/v1/configurations/domains
GET
Oidccontrollerv1_getoidcconifguration — Get OIDC configuration
/v1/resources/sso/v1/oidc/configurations
POST
Oidccontrollerv1_configureoidc — Configure OIDC
/v1/resources/sso/v1/oidc/configurations

MCP Tools

frontegg-sso-samlcontrollerv1-getvendorsamlconfig

Get vendor's SAML config

read-only idempotent
frontegg-sso-samlcontrollerv1-getspcertificate

Get service provider certificate

read-only idempotent
frontegg-sso-samlcontrollerv1-getspmetadata

Get service provider metadata

read-only idempotent
frontegg-sso-ssoconfigurationcontrollerv1-createssoconfigura

Create SSO configuration

frontegg-sso-ssoconfigurationcontrollerv1-getssoconfiguratio

Get SSO configurations

read-only idempotent
frontegg-sso-ssoconfigurationcontrollerv1-deletessoconfigura

Delete SSO configuration

idempotent
frontegg-sso-ssoconfigurationcontrollerv1-updatessoconfigura

Update SSO configuration

frontegg-sso-ssoconfigurationcontrollerv1-createssoconfigura

Create SSO configuration using metadata

frontegg-sso-ssoconfigurationcontrollerv1-updatessoconfigura

Update SSO configuration using metadata

idempotent
frontegg-sso-ssodomaincontrollerv1-createssodomain

Create SSO domain

frontegg-sso-ssodomaincontrollerv1-deletessodomain

Delete SSO domain

idempotent
frontegg-sso-ssodomaincontrollerv1-validatessodomainbyemail

Validate SSO domain by email

idempotent
frontegg-sso-ssodomaincontrollerv2-validatessodomain

Validate SSO domain

idempotent
frontegg-sso-ssorolescontrollerv1-setssodefaultroles

Set SSO default roles

idempotent
frontegg-sso-ssorolescontrollerv1-getssodefaultroles

Get SSO default roles

read-only idempotent
frontegg-sso-ssogroupscontrollerv1-createssogroup

Create an SSO group

frontegg-sso-ssogroupscontrollerv1-getssogroup

Get SSO group

read-only idempotent
frontegg-sso-ssogroupscontrollerv1-updatessogroup

Update SSO group

frontegg-sso-ssogroupscontrollerv1-deletessogroup

Delete SSO group

idempotent
frontegg-sso-excludeemailsfromssov1-excludessoemail

Exclude email from SSO

frontegg-sso-excludeemailsfromssov1-getssoexcludedemails

Get SSO excluded emails

read-only idempotent
frontegg-sso-excludeemailsfromssov1-deletessoexcludedemail

Delete SSO excluded email

idempotent
frontegg-sso-vendoronlyssoconfigurationcontrollerv1-forcesso

Vendor only - Force SSO domain validation

idempotent
frontegg-sso-ssopertenantcontrollerv1-getssopertenantconfig

Get SSO per account (tenant) configuration

read-only idempotent
frontegg-sso-ssopertenantcontrollerv1-createorupdatessoperte

Create or update SSO per account (tenant) configuration

idempotent
frontegg-sso-ssodomainsconfigurationcontrollerv1-createorupd

Create or update SSO domains configuration

idempotent
frontegg-sso-ssodomainsconfigurationcontrollerv1-getssodomai

Get SSO domains configuration

read-only idempotent
frontegg-sso-oidccontrollerv1-getoidcconifguration

Get OIDC configuration

read-only idempotent
frontegg-sso-oidccontrollerv1-configureoidc

Configure OIDC

Capability Spec

frontegg-sso.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Frontegg SSO API
  description: 'Frontegg SSO API capability. 29 operations. Lead operation: Get vendor''s SAML config. Self-contained Naftiko capability for the Frontegg Frontegg SSO business surface.'
  tags:
  - Frontegg
  - SSO
  created: '2026-05-22'
  modified: '2026-05-22'
binds:
- namespace: env
  keys:
    FRONTEGG_CLIENT_ID: FRONTEGG_CLIENT_ID
    FRONTEGG_API_KEY: FRONTEGG_API_KEY
    FRONTEGG_BEARER_TOKEN: FRONTEGG_BEARER_TOKEN
capability:
  consumes:
  - type: http
    namespace: frontegg-sso
    baseUri: https://api.frontegg.com/team
    description: Frontegg SSO API. Bearer JWT (environment or user token) authentication.
    resources:
    - name: resources-sso-v1-saml-configurations-vendor-config
      path: /resources/sso/v1/saml/configurations/vendor-config
      operations:
      - name: SamlControllerV1_getVendorSamlConfig
        method: GET
        description: Get vendor's SAML config
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-sso-v1-saml-configurations-sp-certificate
      path: /resources/sso/v1/saml/configurations/sp-certificate
      operations:
      - name: SamlControllerV1_getSpCertificate
        method: GET
        description: Get service provider certificate
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-sso-v1-saml-configurations-sp-metadata
      path: /resources/sso/v1/saml/configurations/sp-metadata
      operations:
      - name: SamlControllerV1_getSpMetadata
        method: GET
        description: Get service provider metadata
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
    - name: resources-sso-v1-configurations
      path: /resources/sso/v1/configurations
      operations:
      - name: SsoConfigurationControllerV1_createSsoConfiguration
        method: POST
        description: Create SSO configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: SsoConfigurationControllerV1_getSsoConfigurations
        method: GET
        description: Get SSO configurations
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
    - name: resources-sso-v1-configurations-configurationid
      path: /resources/sso/v1/configurations/{configurationId}
      operations:
      - name: SsoConfigurationControllerV1_deleteSsoConfiguration
        method: DELETE
        description: Delete SSO configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
      - name: SsoConfigurationControllerV1_updateSsoConfiguration
        method: PATCH
        description: Update SSO configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-sso-v1-configurations-metadata
      path: /resources/sso/v1/configurations/metadata
      operations:
      - name: SsoConfigurationControllerV1_createSsoConfigurationByMetadata
        method: POST
        description: Create SSO configuration using metadata
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-sso-v1-configurations-configurationid-metadata
      path: /resources/sso/v1/configurations/{configurationId}/metadata
      operations:
      - name: SsoConfigurationControllerV1_updateSsoConfigurationByMetadata
        method: PUT
        description: Update SSO configuration using metadata
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-sso-v1-configurations-configurationid-domains
      path: /resources/sso/v1/configurations/{configurationId}/domains
      operations:
      - name: SsoDomainControllerV1_createSsoDomain
        method: POST
        description: Create SSO domain
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-sso-v1-configurations-configurationid-domains-doma
      path: /resources/sso/v1/configurations/{configurationId}/domains/{domainId}
      operations:
      - name: SsoDomainControllerV1_deleteSsoDomain
        method: DELETE
        description: Delete SSO domain
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: domainId
          in: path
          type: string
          description: domainId parameter
          required: true
      - name: SsoDomainControllerV1_validateSsoDomainByEmail
        method: PUT
        description: Validate SSO domain by email
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: domainId
          in: path
          type: string
          description: domainId parameter
          required: true
    - name: resources-sso-v2-configurations-configurationid-domains-doma
      path: /resources/sso/v2/configurations/{configurationId}/domains/{domainId}/validate
      operations:
      - name: SsoDomainControllerV2_validateSsoDomain
        method: PUT
        description: Validate SSO domain
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: domainId
          in: path
          type: string
          description: domainId parameter
          required: true
    - name: resources-sso-v1-configurations-configurationid-roles
      path: /resources/sso/v1/configurations/{configurationId}/roles
      operations:
      - name: SsoRolesControllerV1_setSsoDefaultRoles
        method: PUT
        description: Set SSO default roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: SsoRolesControllerV1_getSsoDefaultRoles
        method: GET
        description: Get SSO default roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
    - name: resources-sso-v1-configurations-configurationid-groups
      path: /resources/sso/v1/configurations/{configurationId}/groups
      operations:
      - name: SsoGroupsControllerV1_createSsoGroup
        method: POST
        description: Create an SSO group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: SsoGroupsControllerV1_getSsoGroup
        method: GET
        description: Get SSO group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
    - name: resources-sso-v1-configurations-configurationid-groups-group
      path: /resources/sso/v1/configurations/{configurationId}/groups/{groupId}
      operations:
      - name: SsoGroupsControllerV1_updateSsoGroup
        method: PATCH
        description: Update SSO group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: groupId
          in: path
          type: string
          description: groupId parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: SsoGroupsControllerV1_deleteSsoGroup
        method: DELETE
        description: Delete SSO group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: configurationId
          in: path
          type: string
          description: configurationId parameter
          required: true
        - name: groupId
          in: path
          type: string
          description: groupId parameter
          required: true
    - name: resources-sso-v1-configurations-excluded-emails
      path: /resources/sso/v1/configurations/excluded-emails
      operations:
      - name: ExcludeEmailsFromSSOV1_excludeSSOEmail
        method: POST
        description: Exclude email from SSO
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: ExcludeEmailsFromSSOV1_getSSOExcludedEmails
        method: GET
        description: Get SSO excluded emails
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-sso-v1-configurations-excluded-emails-email
      path: /resources/sso/v1/configurations/excluded-emails/{email}
      operations:
      - name: ExcludeEmailsFromSSOV1_deleteSSOExcludedEmail
        method: DELETE
        description: Delete SSO excluded email
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: email
          in: path
          type: string
          description: email parameter
          required: true
    - name: resources-sso-v1-configurations-domains-domain-force-validat
      path: /resources/sso/v1/configurations/domains/{domain}/force-validate
      operations:
      - name: VendorOnlySsoConfigurationControllerV1_forceSsoDomainValidation
        method: PUT
        description: Vendor only - Force SSO domain validation
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: domain
          in: path
          type: string
          description: domain parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-sso-v1-configurations-multiple-sso-per-domain
      path: /resources/sso/v1/configurations/multiple-sso-per-domain
      operations:
      - name: SsoPerTenantControllerV1_getSSOPerTenantConfig
        method: GET
        description: Get SSO per account (tenant) configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
      - name: SsoPerTenantControllerV1_createOrUpdateSSOPerTenantConfig
        method: PUT
        description: Create or update SSO per account (tenant) configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-sso-v1-configurations-domains
      path: /resources/sso/v1/configurations/domains
      operations:
      - name: SSODomainsConfigurationControllerV1_createOrUpdateSSODomainsConfiguration
        method: PUT
        description: Create or update SSO domains configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: SSODomainsConfigurationControllerV1_getSSODomainsConfiguration
        method: GET
        description: Get SSO domains configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-sso-v1-oidc-configurations
      path: /resources/sso/v1/oidc/configurations
      operations:
      - name: OidcControllerV1_getOidcConifguration
        method: GET
        description: Get OIDC configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
      - name: OidcControllerV1_configureOidc
        method: POST
        description: Configure OIDC
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
  exposes:
  - type: rest
    namespace: frontegg-sso-rest
    port: 8080
    description: REST adapter for Frontegg SSO. One resource per consumed operation, prefixed with /v1.
    resources:
    - path: /v1/resources/sso/v1/saml/configurations/vendor-config
      name: resources-sso-v1-saml-configurations-vendor-config
      description: REST surface for resources-sso-v1-saml-configurations-vendor-config.
      operations:
      - method: GET
        name: SamlControllerV1_getVendorSamlConfig
        description: Get vendor's SAML config
        call: frontegg-sso.SamlControllerV1_getVendorSamlConfig
        with: {}
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/saml/configurations/sp-certificate
      name: resources-sso-v1-saml-configurations-sp-certificate
      description: REST surface for resources-sso-v1-saml-configurations-sp-certificate.
      operations:
      - method: GET
        name: SamlControllerV1_getSpCertificate
        description: Get service provider certificate
        call: frontegg-sso.SamlControllerV1_getSpCertificate
        with: {}
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/saml/configurations/sp-metadata
      name: resources-sso-v1-saml-configurations-sp-metadata
      description: REST surface for resources-sso-v1-saml-configurations-sp-metadata.
      operations:
      - method: GET
        name: SamlControllerV1_getSpMetadata
        description: Get service provider metadata
        call: frontegg-sso.SamlControllerV1_getSpMetadata
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations
      name: resources-sso-v1-configurations
      description: REST surface for resources-sso-v1-configurations.
      operations:
      - method: POST
        name: SsoConfigurationControllerV1_createSsoConfiguration
        description: Create SSO configuration
        call: frontegg-sso.SsoConfigurationControllerV1_createSsoConfiguration
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations
      name: resources-sso-v1-configurations
      description: REST surface for resources-sso-v1-configurations.
      operations:
      - method: GET
        name: SsoConfigurationControllerV1_getSsoConfigurations
        description: Get SSO configurations
        call: frontegg-sso.SsoConfigurationControllerV1_getSsoConfigurations
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}
      name: resources-sso-v1-configurations-configurationid
      description: REST surface for resources-sso-v1-configurations-configurationid.
      operations:
      - method: DELETE
        name: SsoConfigurationControllerV1_deleteSsoConfiguration
        description: Delete SSO configuration
        call: frontegg-sso.SsoConfigurationControllerV1_deleteSsoConfiguration
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}
      name: resources-sso-v1-configurations-configurationid
      description: REST surface for resources-sso-v1-configurations-configurationid.
      operations:
      - method: PATCH
        name: SsoConfigurationControllerV1_updateSsoConfiguration
        description: Update SSO configuration
        call: frontegg-sso.SsoConfigurationControllerV1_updateSsoConfiguration
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/metadata
      name: resources-sso-v1-configurations-metadata
      description: REST surface for resources-sso-v1-configurations-metadata.
      operations:
      - method: POST
        name: SsoConfigurationControllerV1_createSsoConfigurationByMetadata
        description: Create SSO configuration using metadata
        call: frontegg-sso.SsoConfigurationControllerV1_createSsoConfigurationByMetadata
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/metadata
      name: resources-sso-v1-configurations-configurationid-metadata
      description: REST surface for resources-sso-v1-configurations-configurationid-metadata.
      operations:
      - method: PUT
        name: SsoConfigurationControllerV1_updateSsoConfigurationByMetadata
        description: Update SSO configuration using metadata
        call: frontegg-sso.SsoConfigurationControllerV1_updateSsoConfigurationByMetadata
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/domains
      name: resources-sso-v1-configurations-configurationid-domains
      description: REST surface for resources-sso-v1-configurations-configurationid-domains.
      operations:
      - method: POST
        name: SsoDomainControllerV1_createSsoDomain
        description: Create SSO domain
        call: frontegg-sso.SsoDomainControllerV1_createSsoDomain
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/domains/{domainId}
      name: resources-sso-v1-configurations-configurationid-domains-doma
      description: REST surface for resources-sso-v1-configurations-configurationid-domains-doma.
      operations:
      - method: DELETE
        name: SsoDomainControllerV1_deleteSsoDomain
        description: Delete SSO domain
        call: frontegg-sso.SsoDomainControllerV1_deleteSsoDomain
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          domainId: rest.domainId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/domains/{domainId}/validate/email
      name: resources-sso-v1-configurations-configurationid-domains-doma
      description: REST surface for resources-sso-v1-configurations-configurationid-domains-doma.
      operations:
      - method: PUT
        name: SsoDomainControllerV1_validateSsoDomainByEmail
        description: Validate SSO domain by email
        call: frontegg-sso.SsoDomainControllerV1_validateSsoDomainByEmail
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          domainId: rest.domainId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v2/configurations/{configurationId}/domains/{domainId}/validate
      name: resources-sso-v2-configurations-configurationid-domains-doma
      description: REST surface for resources-sso-v2-configurations-configurationid-domains-doma.
      operations:
      - method: PUT
        name: SsoDomainControllerV2_validateSsoDomain
        description: Validate SSO domain
        call: frontegg-sso.SsoDomainControllerV2_validateSsoDomain
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          domainId: rest.domainId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/roles
      name: resources-sso-v1-configurations-configurationid-roles
      description: REST surface for resources-sso-v1-configurations-configurationid-roles.
      operations:
      - method: PUT
        name: SsoRolesControllerV1_setSsoDefaultRoles
        description: Set SSO default roles
        call: frontegg-sso.SsoRolesControllerV1_setSsoDefaultRoles
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/roles
      name: resources-sso-v1-configurations-configurationid-roles
      description: REST surface for resources-sso-v1-configurations-configurationid-roles.
      operations:
      - method: GET
        name: SsoRolesControllerV1_getSsoDefaultRoles
        description: Get SSO default roles
        call: frontegg-sso.SsoRolesControllerV1_getSsoDefaultRoles
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/groups
      name: resources-sso-v1-configurations-configurationid-groups
      description: REST surface for resources-sso-v1-configurations-configurationid-groups.
      operations:
      - method: POST
        name: SsoGroupsControllerV1_createSsoGroup
        description: Create an SSO group
        call: frontegg-sso.SsoGroupsControllerV1_createSsoGroup
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/groups
      name: resources-sso-v1-configurations-configurationid-groups
      description: REST surface for resources-sso-v1-configurations-configurationid-groups.
      operations:
      - method: GET
        name: SsoGroupsControllerV1_getSsoGroup
        description: Get SSO group
        call: frontegg-sso.SsoGroupsControllerV1_getSsoGroup
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/groups/{groupId}
      name: resources-sso-v1-configurations-configurationid-groups-group
      description: REST surface for resources-sso-v1-configurations-configurationid-groups-group.
      operations:
      - method: PATCH
        name: SsoGroupsControllerV1_updateSsoGroup
        description: Update SSO group
        call: frontegg-sso.SsoGroupsControllerV1_updateSsoGroup
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          groupId: rest.groupId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/{configurationId}/groups/{groupId}
      name: resources-sso-v1-configurations-configurationid-groups-group
      description: REST surface for resources-sso-v1-configurations-configurationid-groups-group.
      operations:
      - method: DELETE
        name: SsoGroupsControllerV1_deleteSsoGroup
        description: Delete SSO group
        call: frontegg-sso.SsoGroupsControllerV1_deleteSsoGroup
        with:
          frontegg-tenant-id: rest.frontegg-tenant-id
          configurationId: rest.configurationId
          groupId: rest.groupId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/excluded-emails
      name: resources-sso-v1-configurations-excluded-emails
      description: REST surface for resources-sso-v1-configurations-excluded-emails.
      operations:
      - method: POST
        name: ExcludeEmailsFromSSOV1_excludeSSOEmail
        description: Exclude email from SSO
        call: frontegg-sso.ExcludeEmailsFromSSOV1_excludeSSOEmail
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/excluded-emails
      name: resources-sso-v1-configurations-excluded-emails
      description: REST surface for resources-sso-v1-configurations-excluded-emails.
      operations:
      - method: GET
        name: ExcludeEmailsFromSSOV1_getSSOExcludedEmails
        description: Get SSO excluded emails
        call: frontegg-sso.ExcludeEmailsFromSSOV1_getSSOExcludedEmails
        with: {}
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/excluded-emails/{email}
      name: resources-sso-v1-configurations-excluded-emails-email
      description: REST surface for resources-sso-v1-configurations-excluded-emails-email.
      operations:
      - method: DELETE
        name: ExcludeEmailsFromSSOV1_deleteSSOExcludedEmail
        description: Delete SSO excluded email
        call: frontegg-sso.ExcludeEmailsFromSSOV1_deleteSSOExcludedEmail
        with:
          email: rest.email
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/resources/sso/v1/configurations/domains/{domain}/force-validate
      name: resources-sso-v1-configurations-domains-domain-force-validat
      description: REST surface for resources-sso-v1-configurations-domains-domain-force-validat.
      operations:
      - method: PUT
        name: VendorOn

# --- truncated at 32 KB (47 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/frontegg/refs/heads/main/capabilities/frontegg-sso.yaml