Document Center

All Products

Document Center

CloudSSO:List of operations by function

Last Updated:Oct 08, 2022

The following tables list the API operations available for use in CloudSSO.

Note Alibaba Cloud provides OpenAPI Explorer to simplify API usage. You can use OpenAPI Explorer to debug API operations and dynamically generate SDK sample code.

Operations for CloudSSO


Operation	Description
EnableService	Enables CloudSSO.
DisableService	Disables CloudSSO.
GetServiceStatus	Queries the status of CloudSSO.
CreateDirectory	Creates a directory.
ListDirectories	Queries directories.
GetDirectory	Queries information about a directory.
GetDirectoryStatistics	Queries the statistics of a directory.
UpdateDirectory	Changes the name of a directory.
DeleteDirectory	Deletes a directory.

Operations for users


Operation	Description
CreateUser	Creates a user.
ListUsers	Queries users.
GetUser	Queries information about a user.
UpdateUser	Modifies information about a user.
UpdateUserStatus	Changes the status of a user.
DeleteUser	Deletes a user.
ResetUserPassword	Resets the password of a user.
SetMFAAuthenticationStatus	Enables or disables multi-factor authentication (MFA) for users in a directory. Note This operation is no longer maintained and updated. You can call the UpdateMFAAuthenticationSettings operation to enable MFA for users in a directory.
GetMFAAuthenticationStatus	Checks whether MFA is enabled for users. Note This operation is no longer maintained and updated. You can call the GetMFAAuthenticationSettings operation to check whether MFA is enabled for users.
ListMFADevicesForUser	Queries the MFA devices that are bound to a user.
DeleteMFADeviceForUser	Unbinds a MFA device from a user.
UpdateMFAAuthenticationSettings	Modifies the MFA setting of all users.
GetMFAAuthenticationSettings	Queries the MFA setting of all users.
UpdateUserMFAAuthenticationSettings	Modifies the MFA setting of a single user.
GetUserMFAAuthenticationSettings	Queries the MFA setting of a single user.

Operations for groups


Operation	Description
CreateGroup	Creates a RAM user group.
ListGroups	Queries RAM user groups.
GetGroup	Queries the information about a RAM user group.
UpdateGroup	Modifies the information about a group.
DeleteGroup	Deletes a group.
AddUserToGroup	Adds a user to a group.
RemoveUserFromGroup	Removes a user from a group.
ListJoinedGroupsForUser	Queries the groups to which a user is added.
ListGroupMembers	Queries the users in a group.

Operations for Cross-domain Identity Management (SCIM) synchronization


Operation	Description
CreateSCIMServerCredential	Creates a SCIM credential.
ListSCIMServerCredentials	Queries SCIM credentials.
UpdateSCIMServerCredentialStatus	Enables or disables a SCIM credential.
DeleteSCIMServerCredential	Deletes a SCIM credential.
SetSCIMSynchronizationStatus	Enables or disables SCIM synchronization.
GetSCIMSynchronizationStatus	Queries the status of SCIM synchronization.

Operations for single sign-on (SSO) logon


Operation	Description
GetDirectorySAMLServiceProviderInfo	Queries the information about a Security Assertion Markup Language (SAML) service provider (SP).
SetExternalSAMLIdentityProvider	Configures a SAML identity provider (IdP).
GetExternalSAMLIdentityProvider	Queries the configurations of a SAML identity provider IdP.
ClearExternalSAMLIdentityProvider	Clears the configurations of a SAML IdP.
AddExternalSAMLIdPCertificate	Adds a SAML signing certificate.
ListExternalSAMLIdPCertificates	Queries SAML signing certificates.
RemoveExternalSAMLIdPCertificate	Removes a SAML signing certificate.

Operations for access configurations


Operation	Description
CreateAccessConfiguration	Creates an access configuration.
ListAccessConfigurations	Queries access configurations.
GetAccessConfiguration	Queries the information about an access configuration.
UpdateAccessConfiguration	Modifies the information about an access configuration.
DeleteAccessConfiguration	Deletes an access configuration.
AddPermissionPolicyToAccessConfiguration	Adds a policy to an access configuration.
RemovePermissionPolicyFromAccessConfiguration	Removes a policy from an access configuration.
UpdateInlinePolicyForAccessConfiguration	Modifies an inline policy that is created for an access configuration.
ListPermissionPoliciesInAccessConfiguration	Queries the policies that are created for an access configuration.

Operations for multi-account authorization


Operation	Description
ProvisionAccessConfiguration	Provisions an access configuration for an account in your resource directory.
DeprovisionAccessConfiguration	De-provisions an access configuration from an account in your resource directory.
ListAccessConfigurationProvisionings	Queries the access configurations that are provisioned.
CreateAccessAssignment	Assigns access permissions on an account in your resource directory to a user or a group by using an access configuration.
ListAccessAssignments	Queries the access permissions that are assigned.
DeleteAccessAssignment	Remove the access permissions on an account in a resource directory.
ListTasks	Queries asynchronous tasks.
GetTask	Queries the information about an asynchronous task.
GetTaskStatus	Queries the status of an asynchronous task.

How helpful was this page?

$!csrfToken.hiddenField

What might be the problems?

More suggestions?