# Update SSO Certificate ## API Overview The Single Sign-On APIs allow you to manage your SAML 2.0 SSO configurations. You can also work with your SSO integrations using the [SSO section of the Twilio SendGrid App](https://app.sendgrid.com/settings/sso). The Certificates API allows you to create, modify, and delete SSO certificates. A SAML certificate allows your IdP and Twilio SendGrid to verify requests are coming from one another using the `public_certificate` and `integration_id` parameters. For more information about managing SSO Certificates, see the [Twilio SendGrid SSO documentation](/docs/sendgrid/ui/account-and-settings/sso/). ## Operation overview ```json {"path":"https://api.sendgrid.com/v3/sso/certificates/{cert_id}","method":"patch","servers":[{"url":"https://api.sendgrid.com","description":"for global users and subusers"},{"url":"https://api.eu.sendgrid.com","description":"for EU regional subusers"}]} ``` **This endpoint allows you to update an existing certificate by ID.** You can retrieve a certificate's ID from the response provided by the "Get All SSO Integrations" endpoint. ## Operation details ### Authentication API Key ### Headers ```json [{"in":"header","name":"Authorization","required":true,"default":"Bearer <>","schema":{"type":"string"}}] ``` ### Path parameters ```json [{"name":"cert_id","in":"path","required":true,"schema":{"type":"string"}}] ``` ### Request body ```json {"schema":{"type":"object","example":{"public_certificate":"","enabled":false,"intergration_id":"b0b98502-9408-4b24-9e3d-31ed7cb15312"},"properties":{"public_certificate":{"type":"string","description":"This public certificate allows SendGrid to verify that SAML requests it receives are signed by an IdP that it recognizes."},"enabled":{"type":"boolean","description":"Indicates whether or not the certificate is enabled."},"integration_id":{"type":"string","description":"An ID that matches a certificate to a specific IdP integration."}}},"encodingType":"application/json"} ``` ### Responses ```json [{"responseCode":"200","schema":{"description":"","content":{"application/json":{"schema":{"title":"Single Sign-On Certificate Body","type":"object","example":{"public_certificate":"","id":66138975,"not_before":1621289880,"not_after":1621289880,"intergration_id":"b0b98502-9408-4b24-9e3d-31ed7cb15312"},"refName":"SsoCertificateBody","modelName":"SsoCertificateBody","properties":{"public_certificate":{"type":"string","description":"This certificate is used by Twilio SendGrid to verify that SAML requests are coming from Okta. This is called the X509 certificate in the Twilio SendGrid UI."},"id":{"type":"number","description":"A unique ID assigned to the certificate by SendGrid."},"not_before":{"type":"number","description":"A unix timestamp (e.g., 1603915954) that indicates the time before which the certificate is not valid."},"not_after":{"type":"number","description":"A unix timestamp (e.g., 1603915954) that indicates the time after which the certificate is no longer valid."},"intergration_id":{"type":"string","description":"An ID that matches a certificate to a specific IdP integration."}}},"examples":{"response":{"value":{"public_certificate":"","id":66138975,"not_before":1621289880,"not_after":1621289880,"intergration_id":"b0b98502-9408-4b24-9e3d-31ed7cb15312"}}}}}}},{"responseCode":"400","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso400","modelName":"__components_responses_Sso400"}},{"responseCode":"401","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso401","modelName":"__components_responses_Sso401"}},{"responseCode":"403","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso403","modelName":"__components_responses_Sso403"}},{"responseCode":"429","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso429","modelName":"__components_responses_Sso429"}},{"responseCode":"500","schema":{"description":"","content":{"application/json":{"schema":{"title":"SSO Error Response","type":"array","refName":"SsoErrorResponse","modelName":"SsoErrorResponse","items":{"type":"object","properties":{"message":{"type":"string"},"field":{"nullable":true,"type":"string"},"error_id":{"type":"string"}}}}}},"refName":"#/components/responses/Sso500","modelName":"__components_responses_Sso500"}}] ``` Update SSO Certificate ```js const client = require("@sendgrid/client"); client.setApiKey(process.env.SENDGRID_API_KEY); const cert_id = "cert_id"; const data = { public_certificate: "", enabled: false, }; const request = { url: `/v3/sso/certificates/${cert_id}`, method: "PATCH", body: data, }; client .request(request) .then(([response, body]) => { console.log(response.statusCode); console.log(response.body); }) .catch((error) => { console.error(error); }); ``` ```python import os from sendgrid import SendGridAPIClient sg = SendGridAPIClient(os.environ.get("SENDGRID_API_KEY")) cert_id = "cert_id" data = {"public_certificate": "", "enabled": False} response = sg.client.sso.certificates._(cert_id).patch(request_body=data) print(response.status_code) print(response.body) print(response.headers) ``` ```csharp using System; using System.Collections.Generic; using System.Threading.Tasks; using SendGrid; public class Program { public static async Task Main() { string apiKey = Environment.GetEnvironmentVariable("SENDGRID_API_KEY"); var client = new SendGridClient(apiKey); var certId = "cert_id"; var data = @"{ ""public_certificate"": """", ""enabled"": false }"; var response = await client.RequestAsync( method: SendGridClient.Method.PATCH, urlPath: $"sso/certificates/{certId}", requestBody: data); Console.WriteLine(response.StatusCode); Console.WriteLine(response.Body.ReadAsStringAsync().Result); Console.WriteLine(response.Headers.ToString()); } } ``` ```java import com.sendgrid.*; import java.io.IOException; import org.json.JSONObject; import java.util.HashMap; public class Example { public static void main(String[] args) throws IOException { try { SendGrid sg = new SendGrid(System.getenv("SENDGRID_API_KEY")); Request request = new Request(); request.setMethod(Method.PATCH); request.setEndpoint("/sso/certificates/cert_id"); request.setBody(new JSONObject(new HashMap() { { put("public_certificate", ""); put("enabled", false); } }).toString()); Response response = sg.api(request); System.out.println(response.getStatusCode()); System.out.println(response.getBody()); System.out.println(response.getHeaders()); } catch (IOException ex) { throw ex; } } } ``` ```go package main import ( "fmt" "github.com/sendgrid/sendgrid-go" "os" ) func main() { apiKey := os.Getenv("SENDGRID_API_KEY") host := "https://api.sendgrid.com" request := sendgrid.GetRequest(apiKey, "/v3/sso/certificates/cert_id", host) request.Method = "PATCH" request.Body = []byte(`{ "public_certificate": "", "enabled": false }`) response, err := sendgrid.API(request) if err != nil { fmt.Println(err.Error()) os.Exit(1) } else { fmt.Println(response.StatusCode) fmt.Println(response.Body) fmt.Println(response.Headers) } } ``` ```php /sendgrid-php.php'; $apiKey = getenv("SENDGRID_API_KEY"); $sg = new \SendGrid($apiKey); $request_body = json_decode('{ "public_certificate": "", "enabled": false }'); $cert_id = "cert_id"; try { $response = $sg->client ->sso() ->certificates() ->_($cert_id) ->patch($request_body); print $response->statusCode() . "\n"; print_r($response->headers()); print $response->body() . "\n"; } catch (Exception $ex) { echo "Caught exception: " . $ex->getMessage(); } ``` ```ruby require 'sendgrid-ruby' include SendGrid sg = SendGrid::API.new(api_key: ENV['SENDGRID_API_KEY']) cert_id = "cert_id" data = JSON.parse('{ "public_certificate": "", "enabled": false }') response = sg.client.sso.certificates._(cert_id).patch(request_body: data) puts response.status_code puts response.headers puts response.body ``` ```bash curl -X PATCH "https://api.sendgrid.com/v3/sso/certificates/cert_id" \ --header "Authorization: Bearer $SENDGRID_API_KEY" \ --header "Content-Type: application/json" \ --data '{"public_certificate": "", "enabled": false}' ```