POST /organizations/{id}/enterprise-connections
Create enterprise connection
# --data-urlencode percent-encodes values containing '+', '/', spaces or JSON punctuation; plain --data sends them verbatim.
curl --request POST \
  --url https://api.wacht.dev/organizations/{id}/enterprise-connections \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --cookie session_id= \
  --data domain_id=123456789012345678 \
  --data protocol=saml \
  --data idp_entity_id=https://idp.example.com/entityid \
  --data idp_sso_url=https://idp.example.com/sso \
  --data-urlencode idp_certificate=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA... \
  --data oidc_client_id=client_id_abc123 \
  --data oidc_client_secret=secret_xyz789 \
  --data oidc_issuer_url=https://idp.example.com \
  --data-urlencode 'oidc_scopes=openid email profile' \
  --data jit_enabled=true \
  --data-urlencode 'attribute_mapping={"email": "email", "firstName": "given_name"}'

{
  "id": "999999999999999999",
  "organization_id": "123456789012345678",
  "organization_domain_id": "888888888888888888",
  "protocol": "saml",
  "idp_entity_id": "https://idp.example.com/entityid",
  "idp_sso_url": "https://idp.example.com/sso",
  "idp_certificate": "<string>",
  "oidc_client_id": "client_id_abc123",
  "oidc_issuer_url": "https://idp.example.com",
  "oidc_scopes": "openid email profile",
  "jit_enabled": true,
  "attribute_mapping": {},
  "scim_enabled": false,
  "scim_token_prefix": "wacht_scim...xyz",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z"
}

Authorizations

session_id
string
cookie
required

Session-based authentication using cookies

Path Parameters

id
string<uint64>
required

Organization ID

Body

application/x-www-form-urlencoded
domain_id
string<uint64>
required

Verified domain ID to link

Example:

"123456789012345678"

protocol
enum<string>
required

SSO protocol

Available options: saml, oidc

Example:

"saml"

idp_entity_id
string

Identity Provider Entity ID (SAML)

Example:

"https://idp.example.com/entityid"

idp_sso_url
string<uri>

Identity Provider SSO URL (SAML)

Example:

"https://idp.example.com/sso"

idp_certificate
string

Identity Provider X.509 certificate (SAML)

Example:

"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA..."

oidc_client_id
string

OAuth Client ID (OIDC)

Example:

"client_id_abc123"

oidc_client_secret
string

OAuth Client Secret (OIDC)

Example:

"secret_xyz789"

oidc_issuer_url
string<uri>

OAuth Issuer URL (OIDC)

Example:

"https://idp.example.com"

oidc_scopes
string

OAuth scopes (OIDC)

Example:

"openid email profile"

jit_enabled
boolean

Enable Just-In-Time provisioning

Example:

true

attribute_mapping
string

JSON mapping for IdP attributes

Example:

"{\"email\": \"email\", \"firstName\": \"given_name\"}"
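
An added example, not part of the Wacht documentation or its SDK: a client-side builder for this form body that sends only the fields labelled for the chosen protocol and percent-encodes every value. The function name, the https-only rule and the assumption that `idp_certificate` is bare base64 (as in the example value above) belong to this example, not to the API.

```python
import base64
import json
from urllib.parse import urlencode, urlsplit

# Grouping follows the "(SAML)" / "(OIDC)" labels in the body reference above.
PROTOCOL_FIELDS = {
    "saml": ("idp_entity_id", "idp_sso_url", "idp_certificate"),
    "oidc": ("oidc_client_id", "oidc_client_secret", "oidc_issuer_url", "oidc_scopes"),
}
URI_FIELDS = ("idp_sso_url", "oidc_issuer_url")


def build_connection_form(domain_id, protocol, settings, jit_enabled=False,
                          attribute_mapping=None):
    """Return the urlencoded body for POST /organizations/{id}/enterprise-connections."""
    if protocol not in PROTOCOL_FIELDS:
        raise ValueError("protocol must be 'saml' or 'oidc'")
    domain_id = str(domain_id)
    if not (domain_id.isascii() and domain_id.isdigit()):
        raise ValueError("domain_id must be an unsigned integer string")
    unexpected = sorted(set(settings) - set(PROTOCOL_FIELDS[protocol]))
    if unexpected:
        # Refuse rather than silently send e.g. an OIDC secret with a SAML connection.
        raise ValueError(f"fields not labelled for {protocol}: {unexpected}")
    for name in URI_FIELDS:
        # Assumption (local policy, not stated by the API): IdP endpoints must be https.
        if name in settings and urlsplit(settings[name]).scheme != "https":
            raise ValueError(f"{name} must be an https URL")
    if "idp_certificate" in settings:
        # Assumption: bare base64 as in the page's example; rejects mangled copies.
        base64.b64decode(settings["idp_certificate"], validate=True)
    form = {"domain_id": domain_id, "protocol": protocol, **settings,
            "jit_enabled": "true" if jit_enabled else "false"}
    if attribute_mapping is not None:
        form["attribute_mapping"] = json.dumps(attribute_mapping)
    # urlencode percent-encodes '+', '/', '=' and JSON punctuation in every value.
    return urlencode(form)


if __name__ == "__main__":
    # Constructed sample values; the certificate bytes are not a real certificate.
    sample_cert = base64.b64encode(b"\xfb\xff\xbf" * 4).decode()
    print(build_connection_form(
        "123456789012345678", "saml",
        {"idp_entity_id": "https://idp.example.com/entityid",
         "idp_sso_url": "https://idp.example.com/sso",
         "idp_certificate": sample_cert},
        jit_enabled=True,
        attribute_mapping={"email": "email", "firstName": "given_name"}))
```
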

Response

Connection created successfully

id
string<uint64>

Connection ID

Example:

"999999999999999999"

organization_id
string<uint64>

Organization ID

Example:

"123456789012345678"

organization_domain_id
string<uint64>

Linked domain ID

Example:

"888888888888888888"

protocol
enum<string>

SSO protocol

Available options: saml, oidc

Example:

"saml"

idp_entity_id
string

Identity Provider Entity ID (SAML)

Example:

"https://idp.example.com/entityid"

idp_sso_url
string<uri>

Identity Provider SSO URL (SAML)

Example:

"https://idp.example.com/sso"

idp_certificate
string

Identity Provider X.509 certificate (SAML)

oidc_client_id
string

OAuth Client ID (OIDC)

Example:

"client_id_abc123"

oidc_issuer_url
string<uri>

OAuth Issuer URL (OIDC)

Example:

"https://idp.example.com"

oidc_scopes
string

OAuth scopes (OIDC)

Example:

"openid email profile"

jit_enabled
boolean

Just-In-Time provisioning enabled

Example:

true

attribute_mapping
object

Attribute mapping configuration

scim_enabled
boolean

SCIM provisioning enabled

Example:

false

scim_token_prefix
string

SCIM token prefix (partial)

Example:

"wacht_scim...xyz"

created_at
string<date-time>
updated_at
string<date-time>