# Inbound SSO - [Admin Console](#admin-console) - [API documentation](#api-documentation) - [Definitions](#definitions) - [Manage profiles](#manage-profiles) - [Display profiles](#display-profiles) - [Manage credentials](#manage-credentials) - [Display credentials](#display-credentials) - [Manage assignments](#manage-assignments) - [Display assignments](#display-assignments) ## Admin Console * https://admin.google.com/ac/security/sso ## API documentation * https://cloud.google.com/identity/docs/reference/rest/v1beta1/inboundSamlSsoProfiles * https://cloud.google.com/identity/docs/reference/rest/v1beta1/inboundSamlSsoProfiles.idpCredentials * https://cloud.google.com/identity/docs/reference/rest/v1beta1/inboundSsoAssignments ## Definitions ``` ::= (.)+ ::= @ ::= ::= /|(/)+ ::= ::= id:inboundSamlSsoProfiles/ ::= | ::= "(,)*" ::= [id:]inboundSamlSsoProfiles//idpCredentials/ ::= [id:]inboundSsoAssignments/ ::= | groups/ | group: | orgunits/ | orgunit: ``` ## Manage profiles ``` gam create inboundssoprofile [name ] [entityid ] [loginurl ] [logouturl ] [changepasswordurl ] [returnnameonly] gam update inboundssoprofile [entityid ] [loginurl ] [logouturl ] [changepasswordurl ] [returnnameonly] ``` By default, all fields of the created|updated profile are displayed; use the `returnnameonly` option to have GAM display just the profile name of the created|updated profile. This will be useful in scripts that create|update a profile and then want to perform subsequent GAM commands that reference the profile. ``` gam delete inboundssoprofile ``` ## Display profiles Display a specific profile. ``` gam info inboundssoprofile [formatjson] ``` By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. Display all profiles. ``` gam show inboundssoprofiles [formatjson] ``` By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. Display all profiles in a CSV file. ``` gam print inboundssoprofiles [todrive *] [[formatjson [quotechar ]] ``` By default, Gam displays the information as columns of fields; the following option causes the output to be in JSON format, * `formatjson` - Display the fields in JSON format. By default, when writing CSV files, Gam uses a quote character of double quote `"`. The quote character is used to enclose columns that contain the quote character itself, the column delimiter (comma by default) and new-line characters. Any quote characters within the column are doubled. When using the `formatjson` option, double quotes are used extensively in the data resulting in hard to read/process output. The `quotechar ` option allows you to choose an alternate quote character, single quote for instance, that makes for readable/processable output. `quotechar` defaults to `gam.cfg/csv_output_quote_char`. When uploading CSV files to Google, double quote `"` should be used. ## Manage credentials ``` gam create inboundssocredential profile (pemfile )|(generatekey [keysize 1024|2048|4096]) [replaceolddest] gam delete inboundssocredential ``` ## Display credentials Display a specific credential. ``` gam info inboundssocredential [formatjson] ``` By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. Display all credentials. ``` gam show inboundssocredentials [profile|profiles ] [formatjson] ``` By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. Display all credentials in a CSV file. ``` gam print inboundssocredentials [profile|profiles ] [[formatjson [quotechar ]] ``` By default, Gam displays the information as columns of fields; the following option causes the output to be in JSON format, * `formatjson` - Display the fields in JSON format. By default, when writing CSV files, Gam uses a quote character of double quote `"`. The quote character is used to enclose columns that contain the quote character itself, the column delimiter (comma by default) and new-line characters. Any quote characters within the column are doubled. When using the `formatjson` option, double quotes are used extensively in the data resulting in hard to read/process output. The `quotechar ` option allows you to choose an alternate quote character, single quote for instance, that makes for readable/processable output. `quotechar` defaults to `gam.cfg/csv_output_quote_char`. When uploading CSV files to Google, double quote `"` should be used. ## Manage assignments ``` gam create inboundssoassignment (group rank )|(ou|org|orgunit ) (mode sso_off)|(mode saml_sso profile )(mode domain_wide_saml_if_enabled) [neverredirect] gam update inboundssoassignment [(group rank )|(ou|org|orgunit )] [(mode sso_off)|(mode saml_sso profile )(mode domain_wide_saml_if_enabled)] [neverredirect] gam delete inboundssoassignment ``` ## Display assignments Display a specific assignment. ``` gam info inboundssoassignment [formatjson] ``` By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. Display all assignments. ``` gam show inboundssoassignments [formatjson] ``` By default, Gam displays the information as an indented list of keys and values. * `formatjson` - Display the fields in JSON format. Display all assignments in a CSV file. ``` gam print inboundssoassignments [todrive *] [[formatjson [quotechar ]] ``` By default, Gam displays the information as columns of fields; the following option causes the output to be in JSON format, * `formatjson` - Display the fields in JSON format. By default, when writing CSV files, Gam uses a quote character of double quote `"`. The quote character is used to enclose columns that contain the quote character itself, the column delimiter (comma by default) and new-line characters. Any quote characters within the column are doubled. When using the `formatjson` option, double quotes are used extensively in the data resulting in hard to read/process output. The `quotechar ` option allows you to choose an alternate quote character, single quote for instance, that makes for readable/processable output. `quotechar` defaults to `gam.cfg/csv_output_quote_char`. When uploading CSV files to Google, double quote `"` should be used.