# Get All SSO Certificates by Integration

## API Overview

The Single Sign-On APIs allow you to manage your SAML 2.0 SSO configurations. You can also work with your SSO integrations using the [SSO section of the Twilio SendGrid App](https://app.sendgrid.com/settings/sso).

The Certificates API allows you to create, modify, and delete SSO certificates. A SAML certificate allows your IdP and Twilio SendGrid to verify requests are coming from one another using the `public_certificate` and `integration_id` parameters.

For more information about managing SSO Certificates, see the [Twilio SendGrid SSO documentation](/docs/sendgrid/ui/account-and-settings/sso/).

## Operation overview

```json
{"path":"https://api.sendgrid.com/v3/sso/integrations/{integration_id}/certificates","method":"get","servers":[{"url":"https://api.sendgrid.com","description":"for global users and subusers"},{"url":"https://api.eu.sendgrid.com","description":"for EU regional subusers"}]}
```

**This endpoint allows you to retrieve all your IdP configurations by configuration ID.**

The `integration_id` expected by this endpoint is the `id` returned in the response by the "Get All SSO Integrations" endpoint.

## Operation details

### Authentication

API Key

### Headers

```json
[{"in":"header","name":"Authorization","required":true,"default":"Bearer <<YOUR_API_KEY_HERE>>","schema":{"type":"string"}}]
```

### Path parameters

```json
[{"name":"integration_id","in":"path","description":"An ID that matches a certificate to a specific IdP integration.","required":true,"schema":{"type":"string"}}]
```

### Responses

```json
[{"responseCode":"200","schema":{"description":"","content":{"application/json":{"schema":{"type":"array","items":{"title":"Single Sign-On Certificate Body","type":"object","example":{"public_certificate":"<your x509 certificate>","id":66138975,"not_before":1621289880,"not_after":1621289880,"intergration_id":"b0b98502-9408-4b24-9e3d-31ed7cb15312"},"refName":"SsoCertificateBody","modelName":"SsoCertificateBody","properties":{"public_certificate":{"type":"string","description":"This certificate is used by Twilio SendGrid to verify that SAML requests are coming from Okta. This is called the X509 certificate in the Twilio SendGrid UI."},"id":{"type":"number","description":"A unique ID assigned to the certificate by SendGrid."},"not_before":{"type":"number","description":"A unix timestamp (e.g., 1603915954) that indicates the time before which the certificate is not valid."},"not_after":{"type":"number","description":"A unix timestamp (e.g., 1603915954) that indicates the time after which the certificate is no longer valid."},"intergration_id":{"type":"string","description":"An ID that matches a certificate to a specific IdP integration."}}}},"examples":{"response":{"value":[{"public_certificate":"<your x509 certificate>","id":66138975,"not_before":1621289880,"not_after":1621289880,"intergration_id":"b0b98502-9408-4b24-9e3d-31ed7cb15312"}]}}}}}},{"responseCode":"400","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso400","modelName":"__components_responses_Sso400"}},{"responseCode":"401","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso401","modelName":"__components_responses_Sso401"}},{"responseCode":"403","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso403","modelName":"__components_responses_Sso403"}},{"responseCode":"429","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso429","modelName":"__components_responses_Sso429"}},{"responseCode":"500","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso500","modelName":"__components_responses_Sso500"}}]
```

Get All SSO Certificates by Integration

```js
const client = require("@sendgrid/client");
client.setApiKey(process.env.SENDGRID_API_KEY);

const integration_id = "integration_id";

const request = {
  url: `/v3/sso/integrations/${integration_id}/certificates`,
  method: "GET",
};

client
  .request(request)
  .then(([response, body]) => {
    console.log(response.statusCode);
    console.log(response.body);
  })
  .catch((error) => {
    console.error(error);
  });
```

```python
import os
from sendgrid import SendGridAPIClient


sg = SendGridAPIClient(os.environ.get("SENDGRID_API_KEY"))

integration_id = "integration_id"

response = sg.client.sso.integrations._(integration_id).certificates.get()

print(response.status_code)
print(response.body)
print(response.headers)
```

```csharp
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using SendGrid;

public class Program {
    public static async Task Main() {
        string apiKey = Environment.GetEnvironmentVariable("SENDGRID_API_KEY");
        var client = new SendGridClient(apiKey);

        var integrationId = "integration_id";

        var response = await client.RequestAsync(
            method: SendGridClient.Method.GET,
            urlPath: $"sso/integrations/{integrationId}/certificates");

        Console.WriteLine(response.StatusCode);
        Console.WriteLine(response.Body.ReadAsStringAsync().Result);
        Console.WriteLine(response.Headers.ToString());
    }
}
```

```java
import com.sendgrid.*;
import java.io.IOException;

public class Example {
    public static void main(String[] args) throws IOException {
        try {
            SendGrid sg = new SendGrid(System.getenv("SENDGRID_API_KEY"));
            Request request = new Request();
            request.setMethod(Method.GET);
            request.setEndpoint("/sso/integrations/integration_id/certificates");
            Response response = sg.api(request);
            System.out.println(response.getStatusCode());
            System.out.println(response.getBody());
            System.out.println(response.getHeaders());
        } catch (IOException ex) {
            throw ex;
        }
    }
}
```

```go
package main

import (
	"fmt"
	"github.com/sendgrid/sendgrid-go"
	"os"
)

func main() {
	apiKey := os.Getenv("SENDGRID_API_KEY")
	host := "https://api.sendgrid.com"
	request := sendgrid.GetRequest(apiKey, "/v3/sso/integrations/integration_id/certificates", host)
	request.Method = "GET"
	response, err := sendgrid.API(request)
	if err != nil {
		fmt.Println(err.Error())
		os.Exit(1)
	} else {
		fmt.Println(response.StatusCode)
		fmt.Println(response.Body)
		fmt.Println(response.Headers)
	}
}
```

```php
<?php
// Uncomment the next line if you're using a dependency loader (such as Composer) (recommended)
// require 'vendor/autoload.php';

// Uncomment next line if you're not using a dependency loader (such as Composer)
// require_once '<PATH TO>/sendgrid-php.php';

$apiKey = getenv("SENDGRID_API_KEY");
$sg = new \SendGrid($apiKey);
$integration_id = "integration_id";

try {
    $response = $sg->client
        ->sso()
        ->integrations()
        ->_($integration_id)
        ->certificates()
        ->get();
    print $response->statusCode() . "\n";
    print_r($response->headers());
    print $response->body() . "\n";
} catch (Exception $ex) {
    echo "Caught exception: " . $ex->getMessage();
}
```

```ruby
require 'sendgrid-ruby'
include SendGrid

sg = SendGrid::API.new(api_key: ENV['SENDGRID_API_KEY'])
integration_id = "integration_id"

response = sg.client.sso.integrations._(integration_id).certificates.get()
puts response.status_code
puts response.headers
puts response.body
```

```bash
curl -X GET "https://api.sendgrid.com/v3/sso/integrations/integration_id/certificates" \
--header "Authorization: Bearer $SENDGRID_API_KEY"
```