Stay organized with collectionsSave and categorize content based on your preferences.
Adds anIdpCredential. Up to 2 credentials are allowed.
When the target customer has enabledMulti-party approval for sensitive actions, theOperationin the response will have"done": false, it will not have a response, and the metadata will have"state": "awaiting-multi-party-approval".
HTTP request
POST https://cloudidentity.googleapis.com/v1/{parent=inboundSamlSsoProfiles/*}/idpCredentials:add
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-06 UTC."],[[["\u003cp\u003eThis endpoint adds an IdpCredential, allowing up to two credentials per InboundSamlSsoProfile.\u003c/p\u003e\n"],["\u003cp\u003eThe request URL structure is \u003ccode\u003ePOST https://cloudidentity.googleapis.com/v1/{parent=inboundSamlSsoProfiles/*}/idpCredentials:add\u003c/code\u003e, and it uses gRPC Transcoding.\u003c/p\u003e\n"],["\u003cp\u003eThe request body requires PEM-encoded x509 certificate data to verify IdP signatures, using the \u003ccode\u003epemData\u003c/code\u003e field.\u003c/p\u003e\n"],["\u003cp\u003eIf Multi-party approval is enabled, the \u003ccode\u003eOperation\u003c/code\u003e will show \u003ccode\u003e"done": false\u003c/code\u003e and \u003ccode\u003e"state": "awaiting-multi-party-approval"\u003c/code\u003e in the response metadata.\u003c/p\u003e\n"],["\u003cp\u003eThe request needs to include at least one of the following OAuth scopes: \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-identity.inboundsso\u003c/code\u003e, \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-identity\u003c/code\u003e, \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e.\u003c/p\u003e\n"]]],[],null,["# Method: inboundSamlSsoProfiles.idpCredentials.add\n\nAdds an [IdpCredential](/identity/docs/reference/rest/v1/inboundSamlSsoProfiles.idpCredentials#IdpCredential). Up to 2 credentials are allowed.\n\nWhen the target customer has enabled [Multi-party approval for sensitive actions](https://support.google.com/a/answer/13790448), the `Operation` in the response will have `\"done\": false`, it will not have a response, and the metadata will have `\"state\": \"awaiting-multi-party-approval\"`.\n\n### HTTP request\n\n`POST https://cloudidentity.googleapis.com/v1/{parent=inboundSamlSsoProfiles/*}/idpCredentials:add`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains data with the following structure:\n\n### Response body\n\nIf successful, the response body contains an instance of [Operation](/identity/docs/reference/rest/Shared.Types/Operation).\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/cloud-identity.inboundsso`\n- `https://www.googleapis.com/auth/cloud-identity`\n- `https://www.googleapis.com/auth/cloud-platform`\n\nFor more information, see the [Authorization guide](/workspace/guides/configure-oauth-consent)."]]
