# SSO Providers (Self Hosted Only)

## List registered SSO providers

> Self-hosted only. Returns all registered SAML SSO providers and their associated domains.

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"security":[{"access-token":[]}],"components":{"securitySchemes":{"access-token":{"scheme":"bearer","bearerFormat":"JWT","type":"http","in":"header"}}},"paths":{"/sfp/api/sso/providers":{"get":{"operationId":"SsoProviderController_list","summary":"List registered SSO providers","description":"Self-hosted only. Returns all registered SAML SSO providers and their associated domains.","parameters":[],"responses":{"403":{"description":"Forbidden - Requires role: owner"}},"tags":["SSO Providers (Self-Hosted Only)"]}}}}
```

## Register a SAML SSO provider

> Self-hosted only. Registers a SAML identity provider (Azure AD, Okta, etc.) for SSO authentication. Requires owner role.

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"security":[{"access-token":[]}],"components":{"securitySchemes":{"access-token":{"scheme":"bearer","bearerFormat":"JWT","type":"http","in":"header"}},"schemas":{"RegisterSsoProviderDto":{"type":"object","properties":{"metadataUrl":{"type":"string","description":"SAML metadata URL from your IdP"},"domains":{"description":"Email domains for this SSO provider","type":"array","items":{"type":"string"}},"providerId":{"type":"string","description":"Provider ID from a pre-registered IdP (cloud mode). When set, skips GoTrue registration and stores this ID directly for config auto-detect."}},"required":["metadataUrl","domains"]}}},"paths":{"/sfp/api/sso/providers":{"post":{"operationId":"SsoProviderController_register","summary":"Register a SAML SSO provider","description":"Self-hosted only. Registers a SAML identity provider (Azure AD, Okta, etc.) for SSO authentication. Requires owner role.","parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/RegisterSsoProviderDto"}}}},"responses":{"201":{"description":"SSO provider registered"},"403":{"description":"Forbidden - Requires role: owner"}},"tags":["SSO Providers (Self-Hosted Only)"]}}}}
```

## Remove an SSO provider

> Self-hosted only. Removes a SAML SSO provider by ID.

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"security":[{"access-token":[]}],"components":{"securitySchemes":{"access-token":{"scheme":"bearer","bearerFormat":"JWT","type":"http","in":"header"}}},"paths":{"/sfp/api/sso/providers/{id}":{"delete":{"operationId":"SsoProviderController_remove","summary":"Remove an SSO provider","description":"Self-hosted only. Removes a SAML SSO provider by ID.","parameters":[{"name":"id","required":true,"in":"path","schema":{"type":"string"}}],"responses":{"403":{"description":"Forbidden - Requires role: owner"}},"tags":["SSO Providers (Self-Hosted Only)"]}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.flxbl.io/flxbl/sfp-server/api-reference/sso-providers-self-hosted-only.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.