The following tables list the API operations available for use in CloudSSO.
Note Alibaba Cloud provides OpenAPI Explorer to simplify API usage. You can use OpenAPI Explorer to debug API operations and dynamically
generate SDK sample code.
Operations for CloudSSO
Operation | Description |
---|---|
EnableService | Enables CloudSSO. |
DisableService | Disables CloudSSO. |
GetServiceStatus | Queries the status of CloudSSO. |
CreateDirectory | Creates a directory. |
ListDirectories | Queries directories. |
GetDirectory | Queries information about a directory. |
GetDirectoryStatistics | Queries the statistics of a directory. |
UpdateDirectory | Changes the name of a directory. |
DeleteDirectory | Deletes a directory. |
Operations for users
Operation | Description |
---|---|
CreateUser | Creates a user. |
ListUsers | Queries users. |
GetUser | Queries information about a user. |
UpdateUser | Modifies information about a user. |
UpdateUserStatus | Changes the status of a user. |
DeleteUser | Deletes a user. |
ResetUserPassword | Resets the password of a user. |
SetMFAAuthenticationStatus | Enables or disables multi-factor authentication (MFA) for users in a directory.
Note This operation is no longer maintained and updated. You can call the UpdateMFAAuthenticationSettings operation to enable MFA for users in a directory.
|
GetMFAAuthenticationStatus | Checks whether MFA is enabled for users.
Note This operation is no longer maintained and updated. You can call the GetMFAAuthenticationSettings operation to check whether MFA is enabled for users.
|
ListMFADevicesForUser | Queries the MFA devices that are bound to a user. |
DeleteMFADeviceForUser | Unbinds a MFA device from a user. |
UpdateMFAAuthenticationSettings | Modifies the MFA setting of all users. |
GetMFAAuthenticationSettings | Queries the MFA setting of all users. |
UpdateUserMFAAuthenticationSettings | Modifies the MFA setting of a single user. |
GetUserMFAAuthenticationSettings | Queries the MFA setting of a single user. |
Operations for groups
Operation | Description |
---|---|
CreateGroup | Creates a RAM user group. |
ListGroups | Queries RAM user groups. |
GetGroup | Queries the information about a RAM user group. |
UpdateGroup | Modifies the information about a group. |
DeleteGroup | Deletes a group. |
AddUserToGroup | Adds a user to a group. |
RemoveUserFromGroup | Removes a user from a group. |
ListJoinedGroupsForUser | Queries the groups to which a user is added. |
ListGroupMembers | Queries the users in a group. |
Operations for Cross-domain Identity Management (SCIM) synchronization
Operation | Description |
---|---|
CreateSCIMServerCredential | Creates a SCIM credential. |
ListSCIMServerCredentials | Queries SCIM credentials. |
UpdateSCIMServerCredentialStatus | Enables or disables a SCIM credential. |
DeleteSCIMServerCredential | Deletes a SCIM credential. |
SetSCIMSynchronizationStatus | Enables or disables SCIM synchronization. |
GetSCIMSynchronizationStatus | Queries the status of SCIM synchronization. |
Operations for single sign-on (SSO) logon
Operation | Description |
---|---|
GetDirectorySAMLServiceProviderInfo | Queries the information about a Security Assertion Markup Language (SAML) service provider (SP). |
SetExternalSAMLIdentityProvider | Configures a SAML identity provider (IdP). |
GetExternalSAMLIdentityProvider | Queries the configurations of a SAML identity provider IdP. |
ClearExternalSAMLIdentityProvider | Clears the configurations of a SAML IdP. |
AddExternalSAMLIdPCertificate | Adds a SAML signing certificate. |
ListExternalSAMLIdPCertificates | Queries SAML signing certificates. |
RemoveExternalSAMLIdPCertificate | Removes a SAML signing certificate. |
Operations for access configurations
Operation | Description |
---|---|
CreateAccessConfiguration | Creates an access configuration. |
ListAccessConfigurations | Queries access configurations. |
GetAccessConfiguration | Queries the information about an access configuration. |
UpdateAccessConfiguration | Modifies the information about an access configuration. |
DeleteAccessConfiguration | Deletes an access configuration. |
AddPermissionPolicyToAccessConfiguration | Adds a policy to an access configuration. |
RemovePermissionPolicyFromAccessConfiguration | Removes a policy from an access configuration. |
UpdateInlinePolicyForAccessConfiguration | Modifies an inline policy that is created for an access configuration. |
ListPermissionPoliciesInAccessConfiguration | Queries the policies that are created for an access configuration. |
Operations for multi-account authorization
Operation | Description |
---|---|
ProvisionAccessConfiguration | Provisions an access configuration for an account in your resource directory. |
DeprovisionAccessConfiguration | De-provisions an access configuration from an account in your resource directory. |
ListAccessConfigurationProvisionings | Queries the access configurations that are provisioned. |
CreateAccessAssignment | Assigns access permissions on an account in your resource directory to a user or a group by using an access configuration. |
ListAccessAssignments | Queries the access permissions that are assigned. |
DeleteAccessAssignment | Remove the access permissions on an account in a resource directory. |
ListTasks | Queries asynchronous tasks. |
GetTask | Queries the information about an asynchronous task. |
GetTaskStatus | Queries the status of an asynchronous task. |