Get all SSO schemes for a project.
  • 12 May 2026
  • 6 Minutes to read
  • Contributors
  • Dark
    Light

Get all SSO schemes for a project.

  • Dark
    Light

Article summary

Get
/v3/projects/{project_id}/sso-schemes

Returns SSO authentication schemes configured for the project with pagination support, including each scheme's name and display name. If SSO has not been configured, an empty list is returned rather than an error. Requires ViewProjectSettings permission. Use the page and page_size query parameters to control pagination.

Security
OAuth

All V3 endpoints require a Bearer token. Generate tokens in the Document360 portal under Settings > API Tokens. Tokens are project-scoped, require the customerApi scope, and do not expire by default. Tokens can be revoked at any time from the portal. Include the token in every request: Authorization: Bearer <your-token>. Alternatively, use the Authorize button below to sign in via OAuth2 Authorization Code flow with PKCE.

FlowAuthorization Code
Authorization URLhttps://identity.document360.net/connect/authorize
Token URLhttps://identity.document360.net/connect/token
Scopes:
customerApiDocument360 Customer API
Path parameters
project_id
string (uuid) Required

The unique identifier of the project. Retrieve project IDs from GET /v3/projects.

Example9a3b4c5d-6e7f-8a9b-0c1d-2e3f4a5b6c7d
Query parameters
page
integer (int32)

Page number (1-based). Defaults to 1.

Minimum1
Default1
page_size
integer (int32)

Number of results per page. Defaults to 25. Maximum 100.

Minimum1
Maximum100
Default25
cursor
string

Opaque cursor from a previous response's next_cursor. When provided, page is ignored.

include_total_count
boolean

Set to true to include total_count in the response. Default: false.

Defaultfalse
Responses
200

SSO schemes retrieved successfully.

List of SSO schemes
{
  "data": [
    {
      "name": "okta-saml",
      "display_name": "Okta SAML 2.0"
    },
    {
      "name": "azure-ad-oidc",
      "display_name": "Azure Active Directory (OpenID Connect)"
    }
  ],
  "success": true,
  "request_id": "b8c9d0e1-f2a3-4567-bcde-678901234567",
  "errors": [],
  "warnings": []
}
Expand All
object

Paginated API response containing a list of items.

data
Array of object (SsoSchemeResponse)

List of items for the current page.

object

Represents an SSO authentication scheme configured for the project.

name
string | null

Internal name identifier of the SSO scheme.

Exampleokta-saml
display_name
string | null

User-friendly display name of the SSO scheme.

ExampleOkta SAML
pagination
object

Pagination metadata.

page
integer (int32)

Current page number (1-based). Returns 0 when using cursor-based pagination.

page_size
integer (int32)

Number of items per page.

total_count
integer (int64) | null

Total number of items across all pages. Only populated when include_total_count=true is specified in the request.

has_more
boolean

Whether additional pages are available.

next_cursor
string | null

Opaque cursor to retrieve the next page of results. Pass this value as the cursor query parameter. Null when there are no more pages.

success
boolean

Whether the API request was successful.

request_id
string

Unique identifier for request tracing and correlation.

Min length1
errors
Array of object (ApiError) | null

List of errors if the request failed.

object

Represents an error returned by the API.

code
string

Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).

Min length1
message
string

Human-readable error message.

Min length1
field
string | null

The request field that caused the error, if applicable.

details
string | null

Additional context about the error.

warnings
Array of object (ApiWarning) | null

List of non-fatal warnings from the request.

object

Represents a non-fatal warning from the API.

code
string

Machine-readable warning code.

Min length1
message
string

Human-readable warning message.

Min length1
401

Authentication token is missing or invalid.

Headers
WWW-Authenticate
string
Indicates the authentication scheme required. Returns `Bearer` with optional `error` and `error_description` parameters per RFC 6750.
Missing or invalid token

Authentication token is missing or invalid.

{
  "type": "https://developer.document360.com/errors/unauthorized",
  "title": "Unauthorized.",
  "status": 401,
  "detail": "The authentication token is missing or has expired.",
  "instance": null,
  "trace_id": "req_abc123def456",
  "errors": [
    {
      "code": "UNAUTHORIZED",
      "message": "Bearer token is missing or invalid.",
      "field": null,
      "details": null
    }
  ],
  "warnings": null
}
Expand All
object

RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json

type
string

URI reference identifying the error type (links to documentation).

Min length1
title
string

Short human-readable summary of the error type.

Min length1
status
integer (int32)

HTTP status code.

detail
string | null

Human-readable explanation specific to this occurrence.

instance
string | null

URI of the request that generated the error.

trace_id
string | null

Request trace identifier for correlation.

errors
Array of object (ApiError) | null

Structured list of specific errors (extension field).

object

Represents an error returned by the API.

code
string

Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).

Min length1
message
string

Human-readable error message.

Min length1
field
string | null

The request field that caused the error, if applicable.

details
string | null

Additional context about the error.

warnings
Array of object (ApiWarning) | null

Non-fatal warnings (extension field).

object

Represents a non-fatal warning from the API.

code
string

Machine-readable warning code.

Min length1
message
string

Human-readable warning message.

Min length1
429

Rate limit exceeded. Retry after the duration specified in the Retry-After header.

Headers
Retry-After
integer
Number of seconds to wait before retrying the request. Use exponential backoff with jitter for optimal retry behavior.
X-RateLimit-Limit
integer
The maximum number of requests allowed in the current time window. Limits are applied per API token per project.
X-RateLimit-Remaining
integer
The number of requests remaining in the current time window. When this reaches 0, subsequent requests will receive a 429 response.
X-RateLimit-Reset
integer
The UTC epoch timestamp (in seconds) when the current rate limit window resets.
Rate limit exceeded

Rate limit exceeded.

{
  "type": "https://developer.document360.com/errors/too-many-requests",
  "title": "Too Many Requests.",
  "status": 429,
  "detail": "Rate limit exceeded. Retry after the duration specified in the Retry-After header.",
  "instance": null,
  "trace_id": "req_abc123def456",
  "errors": [
    {
      "code": "TOO_MANY_REQUESTS",
      "message": "Rate limit exceeded. Retry after the duration specified in the Retry-After header.",
      "field": null,
      "details": null
    }
  ],
  "warnings": null
}
Expand All
object

RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json

type
string

URI reference identifying the error type (links to documentation).

Min length1
title
string

Short human-readable summary of the error type.

Min length1
status
integer (int32)

HTTP status code.

detail
string | null

Human-readable explanation specific to this occurrence.

instance
string | null

URI of the request that generated the error.

trace_id
string | null

Request trace identifier for correlation.

errors
Array of object (ApiError) | null

Structured list of specific errors (extension field).

object

Represents an error returned by the API.

code
string

Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).

Min length1
message
string

Human-readable error message.

Min length1
field
string | null

The request field that caused the error, if applicable.

details
string | null

Additional context about the error.

warnings
Array of object (ApiWarning) | null

Non-fatal warnings (extension field).

object

Represents a non-fatal warning from the API.

code
string

Machine-readable warning code.

Min length1
message
string

Human-readable warning message.

Min length1
500

An unexpected server error occurred.

Unexpected server error

Unexpected server error.

{
  "type": "https://developer.document360.com/errors/internal-error",
  "title": "Internal Server Error.",
  "status": 500,
  "detail": "An unexpected error occurred. Please try again or contact support.",
  "instance": null,
  "trace_id": "req_abc123def456",
  "errors": [
    {
      "code": "INTERNAL_SERVER_ERROR",
      "message": "An unexpected error occurred.",
      "field": null,
      "details": null
    }
  ],
  "warnings": null
}
Expand All
object

RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json

type
string

URI reference identifying the error type (links to documentation).

Min length1
title
string

Short human-readable summary of the error type.

Min length1
status
integer (int32)

HTTP status code.

detail
string | null

Human-readable explanation specific to this occurrence.

instance
string | null

URI of the request that generated the error.

trace_id
string | null

Request trace identifier for correlation.

errors
Array of object (ApiError) | null

Structured list of specific errors (extension field).

object

Represents an error returned by the API.

code
string

Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).

Min length1
message
string

Human-readable error message.

Min length1
field
string | null

The request field that caused the error, if applicable.

details
string | null

Additional context about the error.

warnings
Array of object (ApiWarning) | null

Non-fatal warnings (extension field).

object

Represents a non-fatal warning from the API.

code
string

Machine-readable warning code.

Min length1
message
string

Human-readable warning message.

Min length1

Was this article helpful?