Update One Connected Organization

On this page

Required Roles

Resource
Request Path Parameters
Request Query Parameters
Request Body Parameters
Response
Example Request
Example Response

Cloud Manager will no longer support Automation, Backup, and Monitoring for MongoDB 3.6 and 4.0 after August 30th, 2024. Please upgrade your MongoDB deployment or migrate to Atlas.

OAuth 2.0 authentication for programmatic access to Cloud Manager is available as a Preview feature.: The feature and the corresponding documentation might change at any time during the Preview period. To use OAuth 2.0 authentication, create a service account to use in your requests to the Cloud Manager Public API.

The federationSettings resource allows you to update one connected organization for a federated authentication configuration.

Base URL: https://cloud.mongodb.com/api/public/v1.0

Required Roles

You must have the Organization Owner role to call this endpoint.

Resource

PATCH /federationSettings/{FEDERATION-SETTINGS-ID}/connectedOrgConfigs/{ORG-ID}/

Request Path Parameters

Name	Type	Description
`FEDERATION-SETTINGS-ID`	string	Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
`ORG-ID`	string	Unique 24-hexadecimal digit string that identifies the connected organization.

Request Query Parameters

The following query parameters are optional:

Name

Type

Necessity

Description

Default

pretty

boolean

Optional

Flag indicating whether the response body should be in a prettyprint format.

false

envelope

boolean

Optional

Flag that indicates whether or not to wrap the response in an envelope.

Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query.

For endpoints that return one result, the response body includes:

Name	Description
`status`	HTTP response code
`content`	Expected response body

false

Request Body Parameters

Name	Type	Necessity	Description
`domainAllowList`	array	Optional	List that contains the approved domains from which organization users can log in. If you provide a `domainAllowList` field in the request, the array that you provide replaces the current `domainAllowList`.
`domainRestrictionEnabled`	boolean	Required	Flag that indicates whether domain restriction is enabled for the connected organization.
`identityProviderId`	string	Required	Unique 20-hexadecimal digit string that identifies the identity provider associated with the connected organization. If omitted or if the value is `null`, MongoDB Cloud disconnects the organization specified by `orgId` from the IdP.
`orgId`	string	Required	Unique 24-hexadecimal digit string that identifies the connected organization.
`postAuthRoleGrants`	array	Optional	List that contains the default roles granted to users who authenticate through the IdP in a connected organization. If you provide a `postAuthRoleGrants` field in the request, the array that you provide replaces the current `postAuthRoleGrants`.
`roleMappings`	array	Optional	List that contains the role mappings configured in this organization. If you provide a `roleMappings` field in the request, the array that you provide replaces the current `roleMappings`.

Response

Name	Type	Description
`domainAllowList`	array	List that contains the approved domains from which organization users can log in.
`domainRestrictionEnabled`	boolean	Flag that indicates whether domain restriction is enabled for the connected organization. `userConflicts` returns `null` when `"domainRestrictionEnabled": false`.
`identityProviderId`	string	Unique 20-hexadecimal digit string that identifies the identity provider associated with the connected organization.
`orgId`	string	Unique 24-hexadecimal digit string that identifies the connected organization.
`postAuthRoleGrants`	array	List that contains the default roles granted to users who authenticate through the IdP in a connected organization.
`roleMappings`	array	List that contains the role mappings configured in this organization.
`userConflicts`	array	List that contains the usernames that don't match any domain on the allowed list. `userConflicts` returns `null` when `"domainRestrictionEnabled": false`.

Example Request

curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \
     --header "Accept: application/json" \
     --header "Content-Type: application/json" \
     --include \
     --request PATCH "https://cloud.mongodb.com/api/public/v1.0/federationSettings/{FEDERATION-SETTINGS-ID}/connectedOrgConfigs/{ORG-ID}" \
     --data '
       {
         "domainRestrictionEnabled": false,
         "identityProviderId": "0oa7i0grsgbwJiIyw357",
         "orgId": "5df7a168f10fab3a149357fb",
         "roleMappings": [
           {
             "externalGroupName": "example",
             "id": "61e89721b827b56c845ff44c",
             "roleAssignments": [
               {
                 "groupId": null,
                 "orgId": "5df7a168f10fab3a149357fb",
                 "role": "ORG_OWNER"
               }
             ]
           }
         ]
       }'

Example Response

{
  "domainAllowList": [],
  "domainRestrictionEnabled": false,
  "identityProviderId": "0oa7i0grsgbwJiIyw357",
  "orgId": "5df7a168f10fab3a149357fb",
  "postAuthRoleGrants": [
    "ORG_OWNER"
  ],
  "roleMappings": [
    {
      "externalGroupName": "example",
      "id": "61e89721b827b56c845ff44c",
      "roleAssignments": [
        {
          "groupId": null,
          "orgId": "5df7a168f10fab3a149357fb",
          "role": "ORG_OWNER"
        }
      ]
    }
  ],
  "userConflicts": null
}

Back

Return Organization

Remove Organization