Create Identity Provider (Amazon)

POST {{apiPath}}/environments/{{envID}}/identityProviders

The POST {{apiPath}}/environments/{{envID}}/identityProviders operation adds a new identity provider resource to the specified environment.

When the type property value is set to AMAZON, Amazon’s clientId and clientSecret property values are required in the request body.

Prerequisites

Refer to Identity Provider Management for important overview information.

Request Model

Amazon identity provider settings data model

Property Type Required?

Property	Type	Required?
`clientId`	String	Required
`clientSecret`	String	Required

clientId

String

Required

clientSecret

String

Required

Amazon core attributes

Property Description

Property	Description
`user_id`	A string that specifies the core Amazon attribute. The default value is `${providerAttributes.user_id}` and the default update value is `EMPTY_ONLY`.

user_id

A string that specifies the core Amazon attribute. The default value is ${providerAttributes.user_id} and the default update value is EMPTY_ONLY.

Amazon provider attributes

Permission Provider attributes

Permission	Provider attributes
`profile`	Options are: `user_id`, `email`, `name`
`postal_code`	Options are: `postal_code`

profile

Options are: user_id, email, name

postal_code

Options are: postal_code

Refer to Base IdP data model for the properties available to all of the supported identity providers.

To retrieve a user’s postal_code attribute value from Amazon, the user must have a valid primary shipping address associated with the Amazon account.

Query parameters

Parameter Description

Parameter	Description
`expand`	When equal to `attributes`, shows the details for the core attribute mapping created by the request.

expand

When equal to attributes, shows the details for the core attribute mapping created by the request.

Example: POST {{apiPath}}/environments/{{envID}}/identityProviders?expand=attributes

Headers

Authorization Bearer {{accessToken}}

Content-Type application/json

Body

raw ( application/json )

{
    "description": "Amazon Provider",
    "enabled": true,
    "name": "AmazonIdP",
    "type": "AMAZON",
    "clientId": "AMAZON_ID",
    "clientSecret": "AMAZON_SECRET"
}

Example Request

curl --location --globoff '{{apiPath}}/environments/{{envID}}/identityProviders' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
    "description": "Amazon Provider",
    "enabled": true,
    "name": "AmazonIdP",
    "type": "AMAZON",
    "clientId": "AMAZON_ID",
    "clientSecret": "AMAZON_SECRET"
}'

var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/identityProviders")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@"    ""description"": ""Amazon Provider""," + "\n" +
@"    ""enabled"": true," + "\n" +
@"    ""name"": ""AmazonIdP""," + "\n" +
@"    ""type"": ""AMAZON""," + "\n" +
@"    ""clientId"": ""AMAZON_ID""," + "\n" +
@"    ""clientSecret"": ""AMAZON_SECRET""" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{apiPath}}/environments/{{envID}}/identityProviders"
  method := "POST"

  payload := strings.NewReader(`{
    "description": "Amazon Provider",
    "enabled": true,
    "name": "AmazonIdP",
    "type": "AMAZON",
    "clientId": "AMAZON_ID",
    "clientSecret": "AMAZON_SECRET"
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Bearer {{accessToken}}")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

POST /environments/{{envID}}/identityProviders HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}

{
    "description": "Amazon Provider",
    "enabled": true,
    "name": "AmazonIdP",
    "type": "AMAZON",
    "clientId": "AMAZON_ID",
    "clientSecret": "AMAZON_SECRET"
}

OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n    \"description\": \"Amazon Provider\",\n    \"enabled\": true,\n    \"name\": \"AmazonIdP\",\n    \"type\": \"AMAZON\",\n    \"clientId\": \"AMAZON_ID\",\n    \"clientSecret\": \"AMAZON_SECRET\"\n}");
Request request = new Request.Builder()
  .url("{{apiPath}}/environments/{{envID}}/identityProviders")
  .method("POST", body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Authorization", "Bearer {{accessToken}}")
  .build();
Response response = client.newCall(request).execute();

var settings = {
  "url": "{{apiPath}}/environments/{{envID}}/identityProviders",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/json",
    "Authorization": "Bearer {{accessToken}}"
  },
  "data": JSON.stringify({
    "description": "Amazon Provider",
    "enabled": true,
    "name": "AmazonIdP",
    "type": "AMAZON",
    "clientId": "AMAZON_ID",
    "clientSecret": "AMAZON_SECRET"
  }),
};

$.ajax(settings).done(function (response) {
  console.log(response);
});

var request = require('request');
var options = {
  'method': 'POST',
  'url': '{{apiPath}}/environments/{{envID}}/identityProviders',
  'headers': {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer {{accessToken}}'
  },
  body: JSON.stringify({
    "description": "Amazon Provider",
    "enabled": true,
    "name": "AmazonIdP",
    "type": "AMAZON",
    "clientId": "AMAZON_ID",
    "clientSecret": "AMAZON_SECRET"
  })

};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});

import requests
import json

url = "{{apiPath}}/environments/{{envID}}/identityProviders"

payload = json.dumps({
  "description": "Amazon Provider",
  "enabled": True,
  "name": "AmazonIdP",
  "type": "AMAZON",
  "clientId": "AMAZON_ID",
  "clientSecret": "AMAZON_SECRET"
})
headers = {
  'Content-Type': 'application/json',
  'Authorization': 'Bearer {{accessToken}}'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)

<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/identityProviders');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n    "description": "Amazon Provider",\n    "enabled": true,\n    "name": "AmazonIdP",\n    "type": "AMAZON",\n    "clientId": "AMAZON_ID",\n    "clientSecret": "AMAZON_SECRET"\n}');
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}

require "uri"
require "json"
require "net/http"

url = URI("{{apiPath}}/environments/{{envID}}/identityProviders")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
  "description": "Amazon Provider",
  "enabled": true,
  "name": "AmazonIdP",
  "type": "AMAZON",
  "clientId": "AMAZON_ID",
  "clientSecret": "AMAZON_SECRET"
})

response = http.request(request)
puts response.read_body

let parameters = "{\n    \"description\": \"Amazon Provider\",\n    \"enabled\": true,\n    \"name\": \"AmazonIdP\",\n    \"type\": \"AMAZON\",\n    \"clientId\": \"AMAZON_ID\",\n    \"clientSecret\": \"AMAZON_SECRET\"\n}"
let postData = parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/identityProviders")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()

Example Response

201 Created

{
    "_links": {
        "self": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/identityProviders/fa230da7-8e03-4ff6-919a-fad344f68dcf"
        },
        "environment": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
        },
        "attributes": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/identityProviders/fa230da7-8e03-4ff6-919a-fad344f68dcf/attributes"
        }
    },
    "id": "fa230da7-8e03-4ff6-919a-fad344f68dcf",
    "type": "AMAZON",
    "name": "AmazonIdP",
    "description": "Amazon Provider",
    "enabled": true,
    "environment": {
        "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
    },
    "createdAt": "2020-05-26T16:51:14.887Z",
    "updatedAt": "2020-05-26T16:51:14.887Z",
    "clientSecret": "AMAZON_SECRET",
    "clientId": "AMAZON_ID"
}

PingOne Platform APIs