:doc:`WickrAdminAPI <../../wickr>` / Client / register_oidc_config

********************
register_oidc_config
********************



.. py:method:: WickrAdminAPI.Client.register_oidc_config(**kwargs)

  

  Registers and saves an OpenID Connect (OIDC) configuration for a Wickr network, enabling Single Sign-On (SSO) authentication through an identity provider.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wickr-2024-02-01/RegisterOidcConfig>`_  


  **Request Syntax**
  ::

    response = client.register_oidc_config(
        networkId='string',
        companyId='string',
        customUsername='string',
        extraAuthParams='string',
        issuer='string',
        scopes='string',
        secret='string',
        ssoTokenBufferMinutes=123,
        userId='string'
    )
    
  :type networkId: string
  :param networkId: **[REQUIRED]** 

    The ID of the Wickr network for which OIDC will be configured.

    

  
  :type companyId: string
  :param companyId: **[REQUIRED]** 

    Custom identifier your end users will use to sign in with SSO.

    

  
  :type customUsername: string
  :param customUsername: 

    A custom field mapping to extract the username from the OIDC token (optional).

     

    .. note::

      

      The customUsername is only required if you use something other than email as the username field.

      

    

  
  :type extraAuthParams: string
  :param extraAuthParams: 

    Additional authentication parameters to include in the OIDC flow (optional).

    

  
  :type issuer: string
  :param issuer: **[REQUIRED]** 

    The issuer URL of the OIDC provider (e.g., 'https://login.example.com').

    

  
  :type scopes: string
  :param scopes: **[REQUIRED]** 

    The OAuth scopes to request from the OIDC provider (e.g., 'openid profile email').

    

  
  :type secret: string
  :param secret: 

    The client secret for authenticating with the OIDC provider (optional).

    

  
  :type ssoTokenBufferMinutes: integer
  :param ssoTokenBufferMinutes: 

    The buffer time in minutes before the SSO token expires to refresh it (optional).

    

  
  :type userId: string
  :param userId: 

    Unique identifier provided by your identity provider to authenticate the access request. Also referred to as clientID.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'applicationName': 'string',
          'clientId': 'string',
          'companyId': 'string',
          'scopes': 'string',
          'issuer': 'string',
          'clientSecret': 'string',
          'secret': 'string',
          'redirectUrl': 'string',
          'userId': 'string',
          'customUsername': 'string',
          'caCertificate': 'string',
          'applicationId': 123,
          'ssoTokenBufferMinutes': 123,
          'extraAuthParams': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **applicationName** *(string) --* 

        The name of the registered OIDC application.

        
      

      - **clientId** *(string) --* 

        The OAuth client ID assigned to the application.

        
      

      - **companyId** *(string) --* 

        Custom identifier your end users will use to sign in with SSO.

        
      

      - **scopes** *(string) --* 

        The OAuth scopes configured for the application.

        
      

      - **issuer** *(string) --* 

        The issuer URL of the OIDC provider.

        
      

      - **clientSecret** *(string) --* 

        The OAuth client secret for the application.

        
      

      - **secret** *(string) --* 

        The client secret for authenticating with the OIDC provider.

        
      

      - **redirectUrl** *(string) --* 

        The redirect URL configured for the OAuth flow.

        
      

      - **userId** *(string) --* 

        The claim field being used as the user identifier.

        
      

      - **customUsername** *(string) --* 

        The custom field mapping used for extracting the username.

        
      

      - **caCertificate** *(string) --* 

        The CA certificate used for secure communication with the OIDC provider.

        
      

      - **applicationId** *(integer) --* 

        The unique identifier for the registered OIDC application.

        
      

      - **ssoTokenBufferMinutes** *(integer) --* 

        The buffer time in minutes before the SSO token expires.

        
      

      - **extraAuthParams** *(string) --* 

        The additional authentication parameters configured for the OIDC flow.

        
  
  **Exceptions**
  
  *   :py:class:`WickrAdminAPI.Client.exceptions.ValidationError`

  
  *   :py:class:`WickrAdminAPI.Client.exceptions.BadRequestError`

  
  *   :py:class:`WickrAdminAPI.Client.exceptions.ResourceNotFoundError`

  
  *   :py:class:`WickrAdminAPI.Client.exceptions.ForbiddenError`

  
  *   :py:class:`WickrAdminAPI.Client.exceptions.UnauthorizedError`

  
  *   :py:class:`WickrAdminAPI.Client.exceptions.InternalServerError`

  
  *   :py:class:`WickrAdminAPI.Client.exceptions.RateLimitError`

  