# Get SSO connection

> Source: https://truto.one/docs/api-reference/admin/sso-connections/get/

`GET /sso-connection/{id}`

Resource: **SSO Connections**

## Path parameters

- **`id`** _(string, required)_
  The ID of the SSO connection you want to retrieve.

## Response body

- **`id`** _(string)_
  The ID of the SSO connection.
- **`team_id`** _(string)_
  The ID of the team that owns this SSO connection.
- **`protocol`** _(string)_
  The SSO protocol used by this connection.
  Allowed: `saml`, `oidc`
- **`is_active`** _(boolean)_
  Whether this SSO connection is active.
- **`enforced`** _(boolean)_
  Whether SSO login is enforced for users on the connection's verified domains.
- **`is_default`** _(boolean)_
  Whether this is the team's default SSO connection.
- **`config`** _(object)_
  Non-secret protocol settings. Secret values (the OIDC client secret and SAML SP keys) are never returned.
  - **`idp_entity_id`** _(string)_
    SAML IdP entity ID.
  - **`idp_sso_url`** _(string)_
    SAML IdP single sign-on URL.
  - **`idp_x509_cert`** _(string)_
    SAML IdP X.509 signing certificate (PEM).
  - **`issuer`** _(string)_
    OIDC issuer URL.
  - **`client_id`** _(string)_
    OIDC relying-party client ID.
  - **`discovery_url`** _(string)_
    OIDC discovery document URL.
  - **`sign_authn_requests`** _(boolean)_
    SAML only — sign SP-initiated AuthnRequests with the SP key (HTTP-Redirect binding).
  - **`allow_idp_initiated`** _(boolean)_
    SAML only — accept unsolicited (IdP-initiated) responses at the ACS. Defaults to false (unsolicited responses rejected) when omitted.
- **`default_role`** _(string)_
  The role assigned to users provisioned through this connection.
- **`default_environment_ids`** _(array<string>)_
  Environment IDs that provisioned users are granted access to by default.
- **`created_at`** _(string)_
  The date and time when the SSO connection was created.
- **`updated_at`** _(string)_
  The date and time when the SSO connection was last updated.

## Code examples

### curl

```bash
curl -X GET 'https://api.truto.one/sso-connection/{id}' \
  -H 'Authorization: Bearer <your_api_token>' \
  -H 'Content-Type: application/json'
```

### JavaScript

```javascript
const response = await fetch('https://api.truto.one/sso-connection/{id}', {
  method: 'GET',
  headers: {
    'Authorization': 'Bearer <your_api_token>',
    'Content-Type': 'application/json',
  },
});

const data = await response.json();
console.log(data);
```

### Python

```python
import requests

url = "https://api.truto.one/sso-connection/{id}"
headers = {
    "Authorization": "Bearer <your_api_token>",
    "Content-Type": "application/json",
}
params = {
}

response = requests.get(url, headers=headers, params=params)
print(response.json())
```