POST /organizations/{id}/enterprise-connections
Create enterprise connection
curl --request POST \
  --url https://api.wacht.dev/organizations/{id}/enterprise-connections \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --cookie session_id= \
  --data domain_id=123456789012345678 \
  --data protocol=saml \
  --data idp_entity_id=https://idp.example.com/entityid \
  --data idp_sso_url=https://idp.example.com/sso \
  --data-urlencode idp_certificate=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA... \
  --data oidc_client_id=client_id_abc123 \
  --data oidc_client_secret=secret_xyz789 \
  --data oidc_issuer_url=https://idp.example.com \
  --data-urlencode 'oidc_scopes=openid email profile' \
  --data jit_enabled=true \
  --data-urlencode 'attribute_mapping={"email": "email", "firstName": "given_name"}'
{
  "status": 200,
  "message": "",
  "data": {
    "id": "999999999999999999",
    "organization_id": "123456789012345678",
    "organization_domain_id": "888888888888888888",
    "protocol": "saml",
    "idp_entity_id": "https://idp.example.com/entityid",
    "idp_sso_url": "https://idp.example.com/sso",
    "idp_certificate": "<string>",
    "oidc_client_id": "client_id_abc123",
    "oidc_issuer_url": "https://idp.example.com",
    "oidc_scopes": "openid email profile",
    "jit_enabled": true,
    "attribute_mapping": {},
    "scim_enabled": false,
    "scim_token_prefix": "wacht_scim...xyz",
    "created_at": "2023-11-07T05:31:56Z",
    "updated_at": "2023-11-07T05:31:56Z"
  },
  "session": {
    "id": "123456789012345678",
    "created_at": "2023-11-07T05:31:56Z",
    "updated_at": "2023-11-07T05:31:56Z"
  },
  "errors": [
    {
      "code": "INVALID_CREDENTIALS",
      "message": "Invalid credentials. Please try again."
    }
  ]
}

Authorizations

session_id
string
cookie
required

Session-based authentication using cookies

Path Parameters

id
string<uint64>
required

Organization ID

Body

application/x-www-form-urlencoded
domain_id
string<uint64>
required

Verified domain ID to link

Example:

"123456789012345678"

protocol
enum<string>
required

SSO protocol

Available options: saml, oidc
Example:

"saml"

idp_entity_id
string

Identity Provider Entity ID (SAML)

Example:

"https://idp.example.com/entityid"

idp_sso_url
string<uri>

Identity Provider SSO URL (SAML)

Example:

"https://idp.example.com/sso"

idp_certificate
string

Identity Provider X.509 certificate (SAML)

Example:

"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA..."

oidc_client_id
string

OAuth Client ID (OIDC)

Example:

"client_id_abc123"

oidc_client_secret
string

OAuth Client Secret (OIDC)

Example:

"secret_xyz789"

oidc_issuer_url
string<uri>

OAuth Issuer URL (OIDC)

Example:

"https://idp.example.com"

oidc_scopes
string

OAuth scopes (OIDC)

Example:

"openid email profile"

jit_enabled
boolean

Enable Just-In-Time provisioning

Example:

true

attribute_mapping
string

JSON mapping for IdP attributes

Example:

"{\"email\": \"email\", \"firstName\": \"given_name\"}"

Response

Connection created successfully

status
integer

HTTP status code

Example:

200

message
string

Response message (empty on success)

Example:

""

data
object
session
object

Minimal session info included in every response

errors
object[] | null

Error details (null on success)
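
Added example, not part of the Wacht documentation or any Wacht SDK: a Python helper that validates the Body parameters listed above and returns the `application/x-www-form-urlencoded` payload for this endpoint. The function name `build_connection_form`, the per-protocol required sets and the https-only rule are assumptions of this example; the field names come from the parameter list.

```python
import base64
import json
from urllib.parse import urlencode, urlsplit

# Grouping follows the "(SAML)" / "(OIDC)" labels in the parameter list.
# Assumption: every field of the chosen protocol is needed, the other group is not.
PROTOCOL_FIELDS = {
    "saml": ("idp_entity_id", "idp_sso_url", "idp_certificate"),
    "oidc": ("oidc_client_id", "oidc_client_secret", "oidc_issuer_url", "oidc_scopes"),
}
URL_FIELDS = ("idp_sso_url", "oidc_issuer_url")


def build_connection_form(domain_id, protocol, jit_enabled=False,
                          attribute_mapping=None, **fields):
    """Validate the parameters and return the url-encoded request body."""
    if protocol not in PROTOCOL_FIELDS:
        raise ValueError("protocol must be 'saml' or 'oidc'")
    domain_id = str(domain_id)
    if not (domain_id.isascii() and domain_id.isdigit() and int(domain_id) < 2**64):
        raise ValueError("domain_id must be a decimal uint64 string")
    allowed = PROTOCOL_FIELDS[protocol]
    stray = sorted(set(fields) - set(allowed))
    if stray:  # e.g. an OIDC client secret riding along on a SAML request
        raise ValueError(f"fields not used by {protocol}: {stray}")
    missing = [name for name in allowed if not fields.get(name)]
    if missing:
        raise ValueError(f"missing {protocol} fields: {missing}")
    for name in URL_FIELDS:
        # Local policy (assumption): IdP endpoints must be https.
        if name in fields and urlsplit(fields[name]).scheme != "https":
            raise ValueError(f"{name} must be an https URL")
    if protocol == "saml":
        # Bare base64 as in the page's example; strip whitespace from pasted input.
        cert = "".join(fields["idp_certificate"].split())
        base64.b64decode(cert, validate=True)  # binascii.Error is a ValueError
        fields["idp_certificate"] = cert
    form = {"domain_id": domain_id, "protocol": protocol,
            "jit_enabled": "true" if jit_enabled else "false", **fields}
    if attribute_mapping is not None:
        if not all(isinstance(v, str) for v in attribute_mapping.values()):
            raise ValueError("attribute_mapping values must be strings")
        form["attribute_mapping"] = json.dumps(attribute_mapping)
    # urlencode() percent-encodes '+', '/', '=' and spaces, so base64 and JSON
    # values survive form decoding; a raw '+' would be decoded as a space.
    return urlencode(form)
```

The returned string is the request body; send it with the `Content-Type: application/x-www-form-urlencoded` header and the `session_id` cookie shown in the curl example.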