API ReferenceSsoSAML

✨ Update SAML2 Settings

<Card href="https://humansignal.com/goenterprise"> <img style="pointer-events: none; margin-left: 0px; margin-right: 0px;" src="https://docs.humansignal.com/images/badge.svg" alt="Label Studio Enterprise badge"/> <p style="margin-top: 10px; font-size: 14px;"> This endpoint is not available in Label Studio Community Edition. [Learn more about Label Studio Enterprise](https://humansignal.com/goenterprise) </p> </Card> Update SAML2 settings for the currently active organization.

Authentication

AuthorizationToken
The token (or API key) must be passed as a request header. You can find your user token on the User Account page in Label Studio. Example: <br><pre><code class="language-bash">curl https://label-studio-host/api/projects -H "Authorization: Token [your-token]"</code></pre>

Request

This endpoint expects an object.
domainstringOptional3-65536 characters

Organization web domain or domains; use comma separated list with no spaces for multiple. Example:

labelstud.io,humansignal.com

IMPORTANT: DO NOT PUT COMMON DOMAINS LIKE GMAIL.COM, YAHOO.COM, ETC. IN THIS FIELD

idp_providerstring or nullOptional<=256 characters

Identity Provider preset key (e.g. okta, azure, google, custom)

manual_role_managementboolean or nullOptional

Allow manually assigning organization roles instead of IdP-managed groups. None = use billing default.

mapping_emailstring or nullOptional1-1024 characters

Mapping attributes: user email from SAML request

mapping_first_namestring or nullOptional<=1024 characters

Mapping attributes: user first name from SAML request

mapping_groupsstring or nullOptional<=1024 characters

Mapping attributes: groups attribute for user mapping to workspaces and roles

mapping_last_namestring or nullOptional<=1024 characters

Mapping attributes: user last name from SAML request

metadata_urlstringOptional<=65536 characters
URL SAML metadata from IdP
metadata_xmlstringOptional
Metadata XML file
projects_groupslist of objectsOptional

Projects to Groups Mapping. List of objects with project_id, group, role.

roles_groupslist of lists of stringsOptional

Organization Roles to Groups Mapping. List of [role_name, group_name] pairs.

workspaces_groupslist of lists of stringsOptional

Workspaces to Groups Mapping. List of [workspace_title, group_name] pairs.

Response

domainstring3-65536 characters

Organization web domain or domains; use comma separated list with no spaces for multiple. Example:

labelstud.io,humansignal.com

IMPORTANT: DO NOT PUT COMMON DOMAINS LIKE GMAIL.COM, YAHOO.COM, ETC. IN THIS FIELD

idp_providerstring or null<=256 characters

Identity Provider preset key (e.g. okta, azure, google, custom)

manual_role_managementboolean or null

Allow manually assigning organization roles instead of IdP-managed groups. None = use billing default.

mapping_emailstring or null1-1024 characters

Mapping attributes: user email from SAML request

mapping_first_namestring or null<=1024 characters

Mapping attributes: user first name from SAML request

mapping_groupsstring or null<=1024 characters

Mapping attributes: groups attribute for user mapping to workspaces and roles

mapping_last_namestring or null<=1024 characters

Mapping attributes: user last name from SAML request

metadata_urlstring<=65536 characters
URL SAML metadata from IdP
metadata_xmlstring
Metadata XML file
projects_groupslist of objects

Projects to Groups Mapping. List of objects with project_id, group, role.

roles_groupslist of lists of strings

Organization Roles to Groups Mapping. List of [role_name, group_name] pairs.

workspaces_groupslist of lists of strings

Workspaces to Groups Mapping. List of [workspace_title, group_name] pairs.