naftiko: 1.0.0-alpha2 info: label: Frontegg SSO API description: 'Frontegg SSO API capability. 29 operations. Lead operation: Get vendor''s SAML config. Self-contained Naftiko capability for the Frontegg Frontegg SSO business surface.' tags: - Frontegg - SSO created: '2026-05-22' modified: '2026-05-22' binds: - namespace: env keys: FRONTEGG_CLIENT_ID: FRONTEGG_CLIENT_ID FRONTEGG_API_KEY: FRONTEGG_API_KEY FRONTEGG_BEARER_TOKEN: FRONTEGG_BEARER_TOKEN capability: consumes: - type: http namespace: frontegg-sso baseUri: https://api.frontegg.com/team description: Frontegg SSO API. Bearer JWT (environment or user token) authentication. resources: - name: resources-sso-v1-saml-configurations-vendor-config path: /resources/sso/v1/saml/configurations/vendor-config operations: - name: SamlControllerV1_getVendorSamlConfig method: GET description: Get vendor's SAML config outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: [] - name: resources-sso-v1-saml-configurations-sp-certificate path: /resources/sso/v1/saml/configurations/sp-certificate operations: - name: SamlControllerV1_getSpCertificate method: GET description: Get service provider certificate outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: [] - name: resources-sso-v1-saml-configurations-sp-metadata path: /resources/sso/v1/saml/configurations/sp-metadata operations: - name: SamlControllerV1_getSpMetadata method: GET description: Get service provider metadata outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: resources-sso-v1-configurations path: /resources/sso/v1/configurations operations: - name: SsoConfigurationControllerV1_createSsoConfiguration method: POST description: Create SSO configuration outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: body in: body type: object description: Request body (JSON). required: true - name: SsoConfigurationControllerV1_getSsoConfigurations method: GET description: Get SSO configurations outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: resources-sso-v1-configurations-configurationid path: /resources/sso/v1/configurations/{configurationId} operations: - name: SsoConfigurationControllerV1_deleteSsoConfiguration method: DELETE description: Delete SSO configuration outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: SsoConfigurationControllerV1_updateSsoConfiguration method: PATCH description: Update SSO configuration outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: body in: body type: object description: Request body (JSON). required: true - name: resources-sso-v1-configurations-metadata path: /resources/sso/v1/configurations/metadata operations: - name: SsoConfigurationControllerV1_createSsoConfigurationByMetadata method: POST description: Create SSO configuration using metadata outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: body in: body type: object description: Request body (JSON). required: true - name: resources-sso-v1-configurations-configurationid-metadata path: /resources/sso/v1/configurations/{configurationId}/metadata operations: - name: SsoConfigurationControllerV1_updateSsoConfigurationByMetadata method: PUT description: Update SSO configuration using metadata outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: body in: body type: object description: Request body (JSON). required: true - name: resources-sso-v1-configurations-configurationid-domains path: /resources/sso/v1/configurations/{configurationId}/domains operations: - name: SsoDomainControllerV1_createSsoDomain method: POST description: Create SSO domain outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: body in: body type: object description: Request body (JSON). required: true - name: resources-sso-v1-configurations-configurationid-domains-doma path: /resources/sso/v1/configurations/{configurationId}/domains/{domainId} operations: - name: SsoDomainControllerV1_deleteSsoDomain method: DELETE description: Delete SSO domain outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: domainId in: path type: string description: domainId parameter required: true - name: SsoDomainControllerV1_validateSsoDomainByEmail method: PUT description: Validate SSO domain by email outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: domainId in: path type: string description: domainId parameter required: true - name: resources-sso-v2-configurations-configurationid-domains-doma path: /resources/sso/v2/configurations/{configurationId}/domains/{domainId}/validate operations: - name: SsoDomainControllerV2_validateSsoDomain method: PUT description: Validate SSO domain outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: domainId in: path type: string description: domainId parameter required: true - name: resources-sso-v1-configurations-configurationid-roles path: /resources/sso/v1/configurations/{configurationId}/roles operations: - name: SsoRolesControllerV1_setSsoDefaultRoles method: PUT description: Set SSO default roles outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: body in: body type: object description: Request body (JSON). required: true - name: SsoRolesControllerV1_getSsoDefaultRoles method: GET description: Get SSO default roles outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: resources-sso-v1-configurations-configurationid-groups path: /resources/sso/v1/configurations/{configurationId}/groups operations: - name: SsoGroupsControllerV1_createSsoGroup method: POST description: Create an SSO group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: body in: body type: object description: Request body (JSON). required: true - name: SsoGroupsControllerV1_getSsoGroup method: GET description: Get SSO group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: resources-sso-v1-configurations-configurationid-groups-group path: /resources/sso/v1/configurations/{configurationId}/groups/{groupId} operations: - name: SsoGroupsControllerV1_updateSsoGroup method: PATCH description: Update SSO group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: groupId in: path type: string description: groupId parameter required: true - name: body in: body type: object description: Request body (JSON). required: true - name: SsoGroupsControllerV1_deleteSsoGroup method: DELETE description: Delete SSO group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: frontegg-tenant-id in: header type: string description: The account (tenant) ID identifier required: true - name: configurationId in: path type: string description: configurationId parameter required: true - name: groupId in: path type: string description: groupId parameter required: true - name: resources-sso-v1-configurations-excluded-emails path: /resources/sso/v1/configurations/excluded-emails operations: - name: ExcludeEmailsFromSSOV1_excludeSSOEmail method: POST description: Exclude email from SSO outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: ExcludeEmailsFromSSOV1_getSSOExcludedEmails method: GET description: Get SSO excluded emails outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: [] - name: resources-sso-v1-configurations-excluded-emails-email path: /resources/sso/v1/configurations/excluded-emails/{email} operations: - name: ExcludeEmailsFromSSOV1_deleteSSOExcludedEmail method: DELETE description: Delete SSO excluded email outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: email in: path type: string description: email parameter required: true - name: resources-sso-v1-configurations-domains-domain-force-validat path: /resources/sso/v1/configurations/domains/{domain}/force-validate operations: - name: VendorOnlySsoConfigurationControllerV1_forceSsoDomainValidation method: PUT description: Vendor only - Force SSO domain validation outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: domain in: path type: string description: domain parameter required: true - name: body in: body type: object description: Request body (JSON). required: true - name: resources-sso-v1-configurations-multiple-sso-per-domain path: /resources/sso/v1/configurations/multiple-sso-per-domain operations: - name: SsoPerTenantControllerV1_getSSOPerTenantConfig method: GET description: Get SSO per account (tenant) configuration outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: [] - name: SsoPerTenantControllerV1_createOrUpdateSSOPerTenantConfig method: PUT description: Create or update SSO per account (tenant) configuration outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: resources-sso-v1-configurations-domains path: /resources/sso/v1/configurations/domains operations: - name: SSODomainsConfigurationControllerV1_createOrUpdateSSODomainsConfiguration method: PUT description: Create or update SSO domains configuration outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: SSODomainsConfigurationControllerV1_getSSODomainsConfiguration method: GET description: Get SSO domains configuration outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: [] - name: resources-sso-v1-oidc-configurations path: /resources/sso/v1/oidc/configurations operations: - name: OidcControllerV1_getOidcConifguration method: GET description: Get OIDC configuration outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: [] - name: OidcControllerV1_configureOidc method: POST description: Configure OIDC outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true exposes: - type: rest namespace: frontegg-sso-rest port: 8080 description: REST adapter for Frontegg SSO. One resource per consumed operation, prefixed with /v1. resources: - path: /v1/resources/sso/v1/saml/configurations/vendor-config name: resources-sso-v1-saml-configurations-vendor-config description: REST surface for resources-sso-v1-saml-configurations-vendor-config. operations: - method: GET name: SamlControllerV1_getVendorSamlConfig description: Get vendor's SAML config call: frontegg-sso.SamlControllerV1_getVendorSamlConfig with: {} outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/saml/configurations/sp-certificate name: resources-sso-v1-saml-configurations-sp-certificate description: REST surface for resources-sso-v1-saml-configurations-sp-certificate. operations: - method: GET name: SamlControllerV1_getSpCertificate description: Get service provider certificate call: frontegg-sso.SamlControllerV1_getSpCertificate with: {} outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/saml/configurations/sp-metadata name: resources-sso-v1-saml-configurations-sp-metadata description: REST surface for resources-sso-v1-saml-configurations-sp-metadata. operations: - method: GET name: SamlControllerV1_getSpMetadata description: Get service provider metadata call: frontegg-sso.SamlControllerV1_getSpMetadata with: frontegg-tenant-id: rest.frontegg-tenant-id outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations name: resources-sso-v1-configurations description: REST surface for resources-sso-v1-configurations. operations: - method: POST name: SsoConfigurationControllerV1_createSsoConfiguration description: Create SSO configuration call: frontegg-sso.SsoConfigurationControllerV1_createSsoConfiguration with: frontegg-tenant-id: rest.frontegg-tenant-id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations name: resources-sso-v1-configurations description: REST surface for resources-sso-v1-configurations. operations: - method: GET name: SsoConfigurationControllerV1_getSsoConfigurations description: Get SSO configurations call: frontegg-sso.SsoConfigurationControllerV1_getSsoConfigurations with: frontegg-tenant-id: rest.frontegg-tenant-id outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId} name: resources-sso-v1-configurations-configurationid description: REST surface for resources-sso-v1-configurations-configurationid. operations: - method: DELETE name: SsoConfigurationControllerV1_deleteSsoConfiguration description: Delete SSO configuration call: frontegg-sso.SsoConfigurationControllerV1_deleteSsoConfiguration with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId} name: resources-sso-v1-configurations-configurationid description: REST surface for resources-sso-v1-configurations-configurationid. operations: - method: PATCH name: SsoConfigurationControllerV1_updateSsoConfiguration description: Update SSO configuration call: frontegg-sso.SsoConfigurationControllerV1_updateSsoConfiguration with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/metadata name: resources-sso-v1-configurations-metadata description: REST surface for resources-sso-v1-configurations-metadata. operations: - method: POST name: SsoConfigurationControllerV1_createSsoConfigurationByMetadata description: Create SSO configuration using metadata call: frontegg-sso.SsoConfigurationControllerV1_createSsoConfigurationByMetadata with: frontegg-tenant-id: rest.frontegg-tenant-id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/metadata name: resources-sso-v1-configurations-configurationid-metadata description: REST surface for resources-sso-v1-configurations-configurationid-metadata. operations: - method: PUT name: SsoConfigurationControllerV1_updateSsoConfigurationByMetadata description: Update SSO configuration using metadata call: frontegg-sso.SsoConfigurationControllerV1_updateSsoConfigurationByMetadata with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/domains name: resources-sso-v1-configurations-configurationid-domains description: REST surface for resources-sso-v1-configurations-configurationid-domains. operations: - method: POST name: SsoDomainControllerV1_createSsoDomain description: Create SSO domain call: frontegg-sso.SsoDomainControllerV1_createSsoDomain with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/domains/{domainId} name: resources-sso-v1-configurations-configurationid-domains-doma description: REST surface for resources-sso-v1-configurations-configurationid-domains-doma. operations: - method: DELETE name: SsoDomainControllerV1_deleteSsoDomain description: Delete SSO domain call: frontegg-sso.SsoDomainControllerV1_deleteSsoDomain with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId domainId: rest.domainId outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/domains/{domainId}/validate/email name: resources-sso-v1-configurations-configurationid-domains-doma description: REST surface for resources-sso-v1-configurations-configurationid-domains-doma. operations: - method: PUT name: SsoDomainControllerV1_validateSsoDomainByEmail description: Validate SSO domain by email call: frontegg-sso.SsoDomainControllerV1_validateSsoDomainByEmail with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId domainId: rest.domainId outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v2/configurations/{configurationId}/domains/{domainId}/validate name: resources-sso-v2-configurations-configurationid-domains-doma description: REST surface for resources-sso-v2-configurations-configurationid-domains-doma. operations: - method: PUT name: SsoDomainControllerV2_validateSsoDomain description: Validate SSO domain call: frontegg-sso.SsoDomainControllerV2_validateSsoDomain with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId domainId: rest.domainId outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/roles name: resources-sso-v1-configurations-configurationid-roles description: REST surface for resources-sso-v1-configurations-configurationid-roles. operations: - method: PUT name: SsoRolesControllerV1_setSsoDefaultRoles description: Set SSO default roles call: frontegg-sso.SsoRolesControllerV1_setSsoDefaultRoles with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/roles name: resources-sso-v1-configurations-configurationid-roles description: REST surface for resources-sso-v1-configurations-configurationid-roles. operations: - method: GET name: SsoRolesControllerV1_getSsoDefaultRoles description: Get SSO default roles call: frontegg-sso.SsoRolesControllerV1_getSsoDefaultRoles with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/groups name: resources-sso-v1-configurations-configurationid-groups description: REST surface for resources-sso-v1-configurations-configurationid-groups. operations: - method: POST name: SsoGroupsControllerV1_createSsoGroup description: Create an SSO group call: frontegg-sso.SsoGroupsControllerV1_createSsoGroup with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/groups name: resources-sso-v1-configurations-configurationid-groups description: REST surface for resources-sso-v1-configurations-configurationid-groups. operations: - method: GET name: SsoGroupsControllerV1_getSsoGroup description: Get SSO group call: frontegg-sso.SsoGroupsControllerV1_getSsoGroup with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/groups/{groupId} name: resources-sso-v1-configurations-configurationid-groups-group description: REST surface for resources-sso-v1-configurations-configurationid-groups-group. operations: - method: PATCH name: SsoGroupsControllerV1_updateSsoGroup description: Update SSO group call: frontegg-sso.SsoGroupsControllerV1_updateSsoGroup with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId groupId: rest.groupId body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/{configurationId}/groups/{groupId} name: resources-sso-v1-configurations-configurationid-groups-group description: REST surface for resources-sso-v1-configurations-configurationid-groups-group. operations: - method: DELETE name: SsoGroupsControllerV1_deleteSsoGroup description: Delete SSO group call: frontegg-sso.SsoGroupsControllerV1_deleteSsoGroup with: frontegg-tenant-id: rest.frontegg-tenant-id configurationId: rest.configurationId groupId: rest.groupId outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/excluded-emails name: resources-sso-v1-configurations-excluded-emails description: REST surface for resources-sso-v1-configurations-excluded-emails. operations: - method: POST name: ExcludeEmailsFromSSOV1_excludeSSOEmail description: Exclude email from SSO call: frontegg-sso.ExcludeEmailsFromSSOV1_excludeSSOEmail with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/excluded-emails name: resources-sso-v1-configurations-excluded-emails description: REST surface for resources-sso-v1-configurations-excluded-emails. operations: - method: GET name: ExcludeEmailsFromSSOV1_getSSOExcludedEmails description: Get SSO excluded emails call: frontegg-sso.ExcludeEmailsFromSSOV1_getSSOExcludedEmails with: {} outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/excluded-emails/{email} name: resources-sso-v1-configurations-excluded-emails-email description: REST surface for resources-sso-v1-configurations-excluded-emails-email. operations: - method: DELETE name: ExcludeEmailsFromSSOV1_deleteSSOExcludedEmail description: Delete SSO excluded email call: frontegg-sso.ExcludeEmailsFromSSOV1_deleteSSOExcludedEmail with: email: rest.email outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/domains/{domain}/force-validate name: resources-sso-v1-configurations-domains-domain-force-validat description: REST surface for resources-sso-v1-configurations-domains-domain-force-validat. operations: - method: PUT name: VendorOnlySsoConfigurationControllerV1_forceSsoDomainValidation description: Vendor only - Force SSO domain validation call: frontegg-sso.VendorOnlySsoConfigurationControllerV1_forceSsoDomainValidation with: domain: rest.domain body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/multiple-sso-per-domain name: resources-sso-v1-configurations-multiple-sso-per-domain description: REST surface for resources-sso-v1-configurations-multiple-sso-per-domain. operations: - method: GET name: SsoPerTenantControllerV1_getSSOPerTenantConfig description: Get SSO per account (tenant) configuration call: frontegg-sso.SsoPerTenantControllerV1_getSSOPerTenantConfig with: {} outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/multiple-sso-per-domain name: resources-sso-v1-configurations-multiple-sso-per-domain description: REST surface for resources-sso-v1-configurations-multiple-sso-per-domain. operations: - method: PUT name: SsoPerTenantControllerV1_createOrUpdateSSOPerTenantConfig description: Create or update SSO per account (tenant) configuration call: frontegg-sso.SsoPerTenantControllerV1_createOrUpdateSSOPerTenantConfig with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/domains name: resources-sso-v1-configurations-domains description: REST surface for resources-sso-v1-configurations-domains. operations: - method: PUT name: SSODomainsConfigurationControllerV1_createOrUpdateSSODomainsConfiguration description: Create or update SSO domains configuration call: frontegg-sso.SSODomainsConfigurationControllerV1_createOrUpdateSSODomainsConfiguration with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/configurations/domains name: resources-sso-v1-configurations-domains description: REST surface for resources-sso-v1-configurations-domains. operations: - method: GET name: SSODomainsConfigurationControllerV1_getSSODomainsConfiguration description: Get SSO domains configuration call: frontegg-sso.SSODomainsConfigurationControllerV1_getSSODomainsConfiguration with: {} outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/oidc/configurations name: resources-sso-v1-oidc-configurations description: REST surface for resources-sso-v1-oidc-configurations. operations: - method: GET name: OidcControllerV1_getOidcConifguration description: Get OIDC configuration call: frontegg-sso.OidcControllerV1_getOidcConifguration with: {} outputParameters: - type: object mapping: $. - path: /v1/resources/sso/v1/oidc/configurations name: resources-sso-v1-oidc-configurations description: REST surface for resources-sso-v1-oidc-configurations. operations: - method: POST name: OidcControllerV1_configureOidc description: Configure OIDC call: frontegg-sso.OidcControllerV1_configureOidc with: body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: frontegg-sso-mcp port: 9090 transport: http description: MCP adapter for Frontegg SSO. One tool per consumed operation. tools: - name: frontegg-sso-samlcontrollerv1-getvendorsamlconfig description: Get vendor's SAML config hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.SamlControllerV1_getVendorSamlConfig with: {} outputParameters: - type: object mapping: $. - name: frontegg-sso-samlcontrollerv1-getspcertificate description: Get service provider certificate hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.SamlControllerV1_getSpCertificate with: {} outputParameters: - type: object mapping: $. - name: frontegg-sso-samlcontrollerv1-getspmetadata description: Get service provider metadata hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.SamlControllerV1_getSpMetadata with: frontegg-tenant-id: tools.frontegg-tenant-id outputParameters: - type: object mapping: $. - name: frontegg-sso-ssoconfigurationcontrollerv1-createssoconfigura description: Create SSO configuration hints: readOnly: false destructive: false idempotent: false call: frontegg-sso.SsoConfigurationControllerV1_createSsoConfiguration with: frontegg-tenant-id: tools.frontegg-tenant-id body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssoconfigurationcontrollerv1-getssoconfiguratio description: Get SSO configurations hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.SsoConfigurationControllerV1_getSsoConfigurations with: frontegg-tenant-id: tools.frontegg-tenant-id outputParameters: - type: object mapping: $. - name: frontegg-sso-ssoconfigurationcontrollerv1-deletessoconfigura description: Delete SSO configuration hints: readOnly: false destructive: true idempotent: true call: frontegg-sso.SsoConfigurationControllerV1_deleteSsoConfiguration with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId outputParameters: - type: object mapping: $. - name: frontegg-sso-ssoconfigurationcontrollerv1-updatessoconfigura description: Update SSO configuration hints: readOnly: false destructive: false idempotent: false call: frontegg-sso.SsoConfigurationControllerV1_updateSsoConfiguration with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssoconfigurationcontrollerv1-createssoconfigura description: Create SSO configuration using metadata hints: readOnly: false destructive: false idempotent: false call: frontegg-sso.SsoConfigurationControllerV1_createSsoConfigurationByMetadata with: frontegg-tenant-id: tools.frontegg-tenant-id body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssoconfigurationcontrollerv1-updatessoconfigura description: Update SSO configuration using metadata hints: readOnly: false destructive: false idempotent: true call: frontegg-sso.SsoConfigurationControllerV1_updateSsoConfigurationByMetadata with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssodomaincontrollerv1-createssodomain description: Create SSO domain hints: readOnly: false destructive: false idempotent: false call: frontegg-sso.SsoDomainControllerV1_createSsoDomain with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssodomaincontrollerv1-deletessodomain description: Delete SSO domain hints: readOnly: false destructive: true idempotent: true call: frontegg-sso.SsoDomainControllerV1_deleteSsoDomain with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId domainId: tools.domainId outputParameters: - type: object mapping: $. - name: frontegg-sso-ssodomaincontrollerv1-validatessodomainbyemail description: Validate SSO domain by email hints: readOnly: false destructive: false idempotent: true call: frontegg-sso.SsoDomainControllerV1_validateSsoDomainByEmail with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId domainId: tools.domainId outputParameters: - type: object mapping: $. - name: frontegg-sso-ssodomaincontrollerv2-validatessodomain description: Validate SSO domain hints: readOnly: false destructive: false idempotent: true call: frontegg-sso.SsoDomainControllerV2_validateSsoDomain with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId domainId: tools.domainId outputParameters: - type: object mapping: $. - name: frontegg-sso-ssorolescontrollerv1-setssodefaultroles description: Set SSO default roles hints: readOnly: false destructive: false idempotent: true call: frontegg-sso.SsoRolesControllerV1_setSsoDefaultRoles with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssorolescontrollerv1-getssodefaultroles description: Get SSO default roles hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.SsoRolesControllerV1_getSsoDefaultRoles with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId outputParameters: - type: object mapping: $. - name: frontegg-sso-ssogroupscontrollerv1-createssogroup description: Create an SSO group hints: readOnly: false destructive: false idempotent: false call: frontegg-sso.SsoGroupsControllerV1_createSsoGroup with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssogroupscontrollerv1-getssogroup description: Get SSO group hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.SsoGroupsControllerV1_getSsoGroup with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId outputParameters: - type: object mapping: $. - name: frontegg-sso-ssogroupscontrollerv1-updatessogroup description: Update SSO group hints: readOnly: false destructive: false idempotent: false call: frontegg-sso.SsoGroupsControllerV1_updateSsoGroup with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId groupId: tools.groupId body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssogroupscontrollerv1-deletessogroup description: Delete SSO group hints: readOnly: false destructive: true idempotent: true call: frontegg-sso.SsoGroupsControllerV1_deleteSsoGroup with: frontegg-tenant-id: tools.frontegg-tenant-id configurationId: tools.configurationId groupId: tools.groupId outputParameters: - type: object mapping: $. - name: frontegg-sso-excludeemailsfromssov1-excludessoemail description: Exclude email from SSO hints: readOnly: false destructive: false idempotent: false call: frontegg-sso.ExcludeEmailsFromSSOV1_excludeSSOEmail with: body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-excludeemailsfromssov1-getssoexcludedemails description: Get SSO excluded emails hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.ExcludeEmailsFromSSOV1_getSSOExcludedEmails with: {} outputParameters: - type: object mapping: $. - name: frontegg-sso-excludeemailsfromssov1-deletessoexcludedemail description: Delete SSO excluded email hints: readOnly: false destructive: true idempotent: true call: frontegg-sso.ExcludeEmailsFromSSOV1_deleteSSOExcludedEmail with: email: tools.email outputParameters: - type: object mapping: $. - name: frontegg-sso-vendoronlyssoconfigurationcontrollerv1-forcesso description: Vendor only - Force SSO domain validation hints: readOnly: false destructive: false idempotent: true call: frontegg-sso.VendorOnlySsoConfigurationControllerV1_forceSsoDomainValidation with: domain: tools.domain body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssopertenantcontrollerv1-getssopertenantconfig description: Get SSO per account (tenant) configuration hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.SsoPerTenantControllerV1_getSSOPerTenantConfig with: {} outputParameters: - type: object mapping: $. - name: frontegg-sso-ssopertenantcontrollerv1-createorupdatessoperte description: Create or update SSO per account (tenant) configuration hints: readOnly: false destructive: false idempotent: true call: frontegg-sso.SsoPerTenantControllerV1_createOrUpdateSSOPerTenantConfig with: body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssodomainsconfigurationcontrollerv1-createorupd description: Create or update SSO domains configuration hints: readOnly: false destructive: false idempotent: true call: frontegg-sso.SSODomainsConfigurationControllerV1_createOrUpdateSSODomainsConfiguration with: body: tools.body outputParameters: - type: object mapping: $. - name: frontegg-sso-ssodomainsconfigurationcontrollerv1-getssodomai description: Get SSO domains configuration hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.SSODomainsConfigurationControllerV1_getSSODomainsConfiguration with: {} outputParameters: - type: object mapping: $. - name: frontegg-sso-oidccontrollerv1-getoidcconifguration description: Get OIDC configuration hints: readOnly: true destructive: false idempotent: true call: frontegg-sso.OidcControllerV1_getOidcConifguration with: {} outputParameters: - type: object mapping: $. - name: frontegg-sso-oidccontrollerv1-configureoidc description: Configure OIDC hints: readOnly: false destructive: false idempotent: false call: frontegg-sso.OidcControllerV1_configureOidc with: body: tools.body outputParameters: - type: object mapping: $.