openapi: 3.0.0 info: title: Azure API Management - Identity Providers description: Use these REST APIs for performing operations on Identity Provider entity associated with your Azure API Management deployment. Setting up an external Identity Provider for authentication can help you manage the developer portal logins using the OAuth2 flow. version: 2017-03-01 security: - apim_key: [] paths: /identityProviders: get: tags: - IdentityProvider operationId: IdentityProvider_List description: Lists a collection of Identity Provider configured in the specified service instance. externalDocs: url: https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-aad#how-to-authorize-developer-accounts-using-azure-active-directory parameters: - $ref: ./apimanagement.json#/components/parameters/ApiVersionParameter x-ms-pageable: {} responses: "200": description: Lists a collection of Identity Providers. content: application/json: schema: $ref: "#/components/schemas/IdentityProviderList" default: description: Error response describing why the operation failed. content: application/json: schema: $ref: ./apimanagement.json#/definitions/ErrorResponse "/identityProviders/{identityProviderName}": get: tags: - IdentityProvider operationId: IdentityProvider_Get description: Gets the configuration details of the identity Provider configured in specified service instance. parameters: - $ref: "#/components/parameters/IdentityProviderNameParameter" - $ref: ./apimanagement.json#/components/parameters/ApiVersionParameter responses: "200": description: The response body contains the specified IdentityProvider entity configuration details. headers: ETag: description: Current entity state version. Should be treated as opaque and used to make conditional HTTP requests. schema: type: string content: application/json: schema: $ref: "#/components/schemas/IdentityProviderContract" default: description: Error response describing why the operation failed. content: application/json: schema: $ref: ./apimanagement.json#/definitions/ErrorResponse put: tags: - IdentityProvider operationId: IdentityProvider_CreateOrUpdate description: Creates or Updates the IdentityProvider configuration. parameters: - $ref: "#/components/parameters/IdentityProviderNameParameter" - $ref: ./apimanagement.json#/components/parameters/ApiVersionParameter requestBody: content: application/json: schema: $ref: "#/components/schemas/IdentityProviderContract" description: Create parameters. required: true responses: "200": description: The existing Identity Provider was successfully updated. content: application/json: schema: $ref: "#/components/schemas/IdentityProviderContract" "201": description: IdentityProvider configuration were successfully created. content: application/json: schema: $ref: "#/components/schemas/IdentityProviderContract" default: description: Error response describing why the operation failed. content: application/json: schema: $ref: ./apimanagement.json#/definitions/ErrorResponse patch: tags: - IdentityProviders operationId: IdentityProvider_Update description: Updates an existing IdentityProvider configuration. parameters: - $ref: "#/components/parameters/IdentityProviderNameParameter" - name: If-Match in: header required: true description: The entity state (Etag) version of the identity provider configuration to update. A value of "*" can be used for If-Match to unconditionally apply the operation. schema: type: string - $ref: ./apimanagement.json#/components/parameters/ApiVersionParameter requestBody: content: application/json: schema: $ref: "#/components/schemas/IdentityProviderUpdateParameters" description: Update parameters. required: true responses: "204": description: The existing identity provider configuration was successfully updated. default: description: Error response describing why the operation failed. content: application/json: schema: $ref: ./apimanagement.json#/definitions/ErrorResponse delete: tags: - IdentityProvider operationId: IdentityProvider_Delete description: Deletes the specified identity provider configuration. parameters: - $ref: "#/components/parameters/IdentityProviderNameParameter" - name: If-Match in: header required: true description: The entity state (Etag) version of the backend to delete. A value of "*" can be used for If-Match to unconditionally apply the operation. schema: type: string - $ref: ./apimanagement.json#/components/parameters/ApiVersionParameter responses: "204": description: The identity provider configuration was successfully deleted. default: description: Error response describing why the operation failed. content: application/json: schema: $ref: ./apimanagement.json#/definitions/ErrorResponse servers: - url: "{apimBaseUrl}" variables: apimBaseUrl: description: The management endpoint of the API Management service, for example https://myapimservice.management.azure-api.net. x-ms-skip-url-encoding: true default: "" components: parameters: IdentityProviderNameParameter: name: identityProviderName in: path required: true x-ms-enum: name: IdentityProviderType modelAsString: true values: - value: facebook description: Facebook as Identity provider. - value: google description: Google as Identity provider. - value: microsoft description: Microsoft Live as Identity provider. - value: twitter description: Twitter as Identity provider. - value: aad description: Azure Active Directory as Identity provider. - value: aadB2C description: Azure Active Directory B2C as Identity provider. description: Identity Provider Type identifier. x-ms-parameter-location: method schema: type: string enum: - facebook - google - microsoft - twitter - aad - aadB2C securitySchemes: apim_key: type: apiKey name: Authorization in: header schemas: IdentityProviderContract: properties: id: type: string description: Identifier of the identity provider. allOf: - $ref: "#/components/schemas/IdentityProviderContractProperties" description: Identity Provider details. IdentityProviderContractProperties: properties: clientId: type: string description: Client Id of the Application in the external Identity Provider. It is App ID for Facebook login, Client ID for Google login, App ID for Microsoft. minLength: 1 clientSecret: type: string description: Client secret of the Application in external Identity Provider, used to authenticate login request. For example, it is App Secret for Facebook login, API Key for Google login, Public Key for Microsoft. minLength: 1 allOf: - $ref: "#/components/schemas/IdentityProviderBaseParameters" required: - clientId - clientSecret description: The external Identity Providers like Facebook, Google, Microsoft, Twitter or Azure Active Directory which can be used to enable access to the API Management service developer portal for all users. IdentityProviderList: properties: value: type: array items: $ref: "#/components/schemas/IdentityProviderContract" description: Identity Provider configuration values. count: type: integer description: Total number of identity providers description: List of all the Identity Providers configured on the service instance. IdentityProviderUpdateParameters: properties: clientId: type: string description: Client Id of the Application in the external Identity Provider. It is App ID for Facebook login, Client ID for Google login, App ID for Microsoft. minLength: 1 clientSecret: type: string description: Client secret of the Application in external Identity Provider, used to authenticate login request. For example, it is App Secret for Facebook login, API Key for Google login, Public Key for Microsoft. minLength: 1 allOf: - $ref: "#/components/schemas/IdentityProviderBaseParameters" description: Parameters supplied to the Update Identity Provider operation. IdentityProviderBaseParameters: properties: type: type: string enum: - facebook - google - microsoft - twitter - aad - aadB2C x-ms-enum: name: IdentityProviderType modelAsString: true values: - value: facebook description: Facebook as Identity provider. - value: google description: Google as Identity provider. - value: microsoft description: Microsoft Live as Identity provider. - value: twitter description: Twitter as Identity provider. - value: aad description: Azure Active Directory as Identity provider. - value: aadB2C description: Azure Active Directory B2C as Identity provider. description: Identity Provider Type identifier. allowedTenants: type: array items: type: string maxItems: 32 description: List of Allowed Tenants when configuring Azure Active Directory login. signupPolicyName: type: string description: Signup Policy Name. Only applies to AAD B2C Identity Provider. minLength: 1 signinPolicyName: type: string description: Signin Policy Name. Only applies to AAD B2C Identity Provider. minLength: 1 profileEditingPolicyName: type: string description: Profile Editing Policy Name. Only applies to AAD B2C Identity Provider. minLength: 1 passwordResetPolicyName: type: string description: Password Reset Policy Name. Only applies to AAD B2C Identity Provider. minLength: 1 description: Identity Provider Base Parameter Properties.