Update SSO client secret

How to update the SSO client secret using the Management API

Read more about SSO support in Bluestone PIM here

If your organization already has an SSO realm configured, you can rotate the client secret using the Management API. The MAPI credentials you use must be assigned a role that includes the SSO Admin permission.

Get a list of SSO client IDs for your organization

A client ID is the unique identifier for your SSO application in your identity provider. If you use Microsoft Entra ID (formerly Azure AD), this value is the Application ID.

URL

GET https://api.bluestonepim.com/idp/sso-providers

Response body

[
  {
    "clientId": "56a059dd-8116-40c8-9292-ba1a9bc34888",
    "clientSecretExpirationDate": 1796136205
  }
]

A successful request returns 200 with a list of the SSO clients found. If no clients are found, an empty list is returned. A 403 error code could suggest that the credentials do not have the necessary permissions.


Update the client secret

URL

POST https://api.bluestonepim.com/idp/sso-providers/{clientId}

Use the clientId from the previous response in the URL.

Request body

The request must contain the new client secret and a Unix timestamp for when it expires.

{
  "clientSecret": "tvj8*******************bnG",
  "clientSecretExpirationDate": 1827672205
}

Response

If successful, this will result in a 204 - No Content response.

The request will fail with a 400 - Bad Request if there is anything wrong with the format or content of the body.

The request will fail with a 404 - Not Found if the clientId is not found for the organization.
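
The two calls above combined into one rotation script, as an added example that is not part of the Bluestone PIM documentation. It assumes the MAPI credential is sent as a bearer token (the page does not show the auth header), uses hypothetical environment variable names, and assumes the list endpoint reflects the new expiry after a successful update.

```python
import json, os, time, urllib.error, urllib.parse, urllib.request

BASE = "https://api.bluestonepim.com/idp/sso-providers"  # endpoint from the page

def find_client(providers, client_id):
    """Return the entry for client_id from the GET response, or None."""
    return next((p for p in providers if p["clientId"] == client_id), None)

def build_rotation(client_id, secret, expires_at, now):
    """Return (url, body) for the POST, rejecting bad values before sending."""
    if not secret:
        raise ValueError("empty client secret")
    if expires_at > 10**11:
        raise ValueError("expiry looks like milliseconds; the API takes seconds")
    if expires_at <= now:
        raise ValueError("expiry is not in the future")
    url = f"{BASE}/{urllib.parse.quote(client_id, safe='')}"
    body = {"clientSecret": secret, "clientSecretExpirationDate": expires_at}
    return url, json.dumps(body).encode()

def call(method, url, token, body=None):
    """Send one request. Bearer-token auth is an assumption, not from the page."""
    req = urllib.request.Request(url, data=body, method=method, headers={
        "Authorization": f"Bearer {token}", "Content-Type": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, b""  # 400/403/404 per the page; error body not logged

def rotate(token, client_id, secret, expires_at):
    """List, rotate, then re-list to confirm the stored expiry changed."""
    status, raw = call("GET", BASE, token)
    if status != 200:
        raise SystemExit(f"list failed: HTTP {status}")
    if find_client(json.loads(raw), client_id) is None:
        raise SystemExit("clientId not in this organization's list")
    url, body = build_rotation(client_id, secret, expires_at, int(time.time()))
    status, _ = call("POST", url, token, body)
    if status != 204:
        raise SystemExit(f"update failed: HTTP {status}")
    status, raw = call("GET", BASE, token)
    after = find_client(json.loads(raw), client_id) if status == 200 else None
    return bool(after) and after["clientSecretExpirationDate"] == expires_at

if __name__ == "__main__":
    # Hypothetical env var names; keeps the secret out of shell history.
    ok = rotate(os.environ["MAPI_TOKEN"], os.environ["SSO_CLIENT_ID"],
                os.environ["NEW_SSO_SECRET"], int(os.environ["NEW_SSO_EXPIRY"]))
    print("expiry confirmed" if ok else "expiry not confirmed")
```

The script never prints the secret or the response bodies, so its output is safe to keep in job logs.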
