Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


OneLogin API

  • API version: 3.1.1
    • Build date: 2023-07-18T11:53:48.226013-07:00[America/Los_Angeles]

OpenAPI Specification for OneLogin

For more information, please visit

Automatically generated by the OpenAPI Generator


Building the API client library requires:

  1. Java 1.8+
  2. Maven (3.8.3+)/Gradle (7.2+)


To install the API client library to your local Maven repository, simply execute:

mvn clean install

To deploy it to a remote Maven repository instead, configure the settings of the repository and execute:

mvn clean deploy

Refer to the OSSRH Guide for more information.

Maven users

Add this dependency to your project's POM:


Gradle users

Add this dependency to your project's build file:

  repositories {
    mavenCentral()     // Needed if the 'onelogin-java-sdk' jar has been published to maven central.
    mavenLocal()       // Needed if the 'onelogin-java-sdk' jar has been published to the local maven repo.

  dependencies {
     implementation "com.onelogin:onelogin-java-sdk:3.1.1"


At first generate the JAR by executing:

mvn clean package

Then manually install the following JARs:

  • target/onelogin-java-sdk-3.1.1.jar
  • target/lib/*.jar

Getting Started

Please follow the installation instruction and execute the following Java code:

// Import classes:
import com.onelogin.client.ApiClient;
import com.onelogin.client.ApiException;
import com.onelogin.client.Configuration;
import com.onelogin.client.auth.*;
import com.onelogin.client.models.*;
import com.onelogin.client.api.ApiAuthClaimsApi;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = Configuration.getDefaultApiClient();
    // Configure OAuth2 access token for authorization: OAuth2
    OAuth OAuth2 = (OAuth) defaultClient.getAuthentication("OAuth2");
    OAuth2.setAccessToken("YOUR ACCESS TOKEN");

    ApiAuthClaimsApi apiInstance = new ApiAuthClaimsApi(defaultClient);
    String apiAuthId = "apiAuthId_example"; // String | 
    String contentType = "application/json"; // String | 
    AuthClaim authClaim = new AuthClaim(); // AuthClaim | 
    try {
      Integer result = apiInstance.createAuthClaim(apiAuthId, contentType, authClaim);
    } catch (ApiException e) {
      System.err.println("Exception when calling ApiAuthClaimsApi#createAuthClaim");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());

Documentation for API Endpoints

All URIs are relative to

Class Method HTTP request Description
ApiAuthClaimsApi createAuthClaim POST /api/2/api_authorizations/{api_auth_id}/claims Create Api Auth Server Claim
ApiAuthClaimsApi deleteAuthClaim DELETE /api/2/api_authorizations/{api_auth_id}/claims/{claim_id} Delete Api Auth Server Claim
ApiAuthClaimsApi getAuthclaims GET /api/2/api_authorizations/{api_auth_id}/claims Get Api Auth Server claims
ApiAuthClaimsApi updateClaim PUT /api/2/api_authorizations/{api_auth_id}/claims/{claim_id} Update Api Auth Server Claim
ApiAuthClientAppsApi addClientApp POST /api/2/api_authorizations/{api_auth_id}/clients Add Client App
ApiAuthClientAppsApi deleteClientApp DELETE /api/2/api_authorizations/{api_auth_id}/clients/{client_app_id} Remove Client App
ApiAuthClientAppsApi listClientApps GET /api/2/api_authorizations/{api_auth_id}/clients List Clients Apps
ApiAuthClientAppsApi updateClientApp PUT /api/2/api_authorizations/{api_auth_id}/clients/{client_app_id} Update Client App
ApiAuthScopesApi createScope POST /api/2/api_authorizations/{api_auth_id}/scopes Create Api Auth Server Scope
ApiAuthScopesApi deleteScope DELETE /api/2/api_authorizations/{api_auth_id}/scopes/{scope_id} Delete Api Auth Server Scope
ApiAuthScopesApi getScopes GET /api/2/api_authorizations/{api_auth_id}/scopes Get Api Auth Server Scopes
ApiAuthScopesApi updateScope PUT /api/2/api_authorizations/{api_auth_id}/scopes/{scope_id} Update Api Auth Server Scope
ApiAuthorizationServerApi createAuthServer POST /api/2/api_authorizations Create Api Auth Server
ApiAuthorizationServerApi deleteAuthServer DELETE /api/2/api_authorizations/{api_auth_id} Delete Api Auth Server
ApiAuthorizationServerApi getAuthServer GET /api/2/api_authorizations/{api_auth_id} Get Api Auth Server
ApiAuthorizationServerApi listAuthServers GET /api/2/api_authorizations List Api Auth Servers
ApiAuthorizationServerApi updateAuthServer PUT /api/2/api_authorizations/{api_auth_id} Update Api Auth Server
AppRulesApi createAppRule POST /api/2/apps/{app_id}/rules
AppRulesApi deleteRule DELETE /api/2/apps/{app_id}/rules/{rule_id} Delete Rule
AppRulesApi getAppRule GET /api/2/apps/{app_id}/rules/{rule_id} Get Rule
AppRulesApi listActionValies GET /api/2/apps/{app_id}/rules/actions/{rule_action_value}/values List Actions Values
AppRulesApi listActions GET /api/2/apps/{app_id}/rules/actions List Actions
AppRulesApi listAppRules GET /api/2/apps/{app_id}/rules List Rules
AppRulesApi listConditionOperators GET /api/2/apps/{app_id}/rules/conditions/{rule_condition_value}/operators List Conditions Operators
AppRulesApi listConditionValues GET /api/2/apps/{app_id}/rules/conditions/{rule_condition_value}/values List Conditions Values
AppRulesApi listConditions GET /api/2/apps/{app_id}/rules/conditions List Conditions
AppRulesApi sortAppRules PUT /api/2/apps/{app_id}/rules/sort Bulk Sort
AppRulesApi updateAppRule PUT /api/2/apps/{app_id}/rules/{rule_id} Update Rule
AppsApi createApp POST /api/2/apps Create App
AppsApi deleteApp DELETE /api/2/apps/{app_id} Delete App
AppsApi deleteAppParameter DELETE /api/2/apps/{app_id}/parameters/{parameter_id} Delete Parameter from App
AppsApi getApp GET /api/2/apps/{app_id} Get App
AppsApi getAppUsers GET /api/2/apps/{app_id}/users Get App Users
AppsApi listApps GET /api/2/apps List Apps
AppsApi listConnectors GET /api/2/connectors List Connectors
AppsApi updateApp PUT /api/2/apps/{app_id} Update App
BrandingServiceApi createBrand POST /api/2/branding/brands Create Brand
BrandingServiceApi deleteBrand DELETE /api/2/branding/brands/{brand_id} Delete Brand
BrandingServiceApi getBrand GET /api/2/branding/brands/{brand_id} Get Brand
BrandingServiceApi getBrandApps GET /api/2/branding/brands/{brand_id}/apps Get Brand Apps
BrandingServiceApi listBrands GET /api/2/branding/brands List Account Brands
BrandingServiceApi updateBrand PUT /api/2/branding/brands/{brand_id} Update Brand
BrandingServiceSmtpApi deleteEmailSettings DELETE /api/2/branding/email_settings Delete Custom Email Settings
BrandingServiceSmtpApi getEmailSettings GET /api/2/branding/email_settings Get Email Settings
BrandingServiceSmtpApi updateEmailSettings PUT /api/2/branding/email_settings Update Email Settings
BrandingServiceTemplatesApi createMessageTemplate POST /api/2/branding/brands/{brand_id}/templates Create Message Template
BrandingServiceTemplatesApi deleteMessageTemplate DELETE /api/2/branding/brands/{brand_id}/templates/{template_id} Delete Message Template
BrandingServiceTemplatesApi getMasterByType GET /api/2/branding/brands/master/templates/{template_type} Get Master Template by Type
BrandingServiceTemplatesApi getMessageTemplateById GET /api/2/branding/brands/{brand_id}/templates/{template_id} Get Message Template
BrandingServiceTemplatesApi getTemplateByLocale GET /api/2/branding/brands/{brand_id}/templates/{template_type}/{locale} Get Template by Type & Locale
BrandingServiceTemplatesApi listMessageTemplates GET /api/2/branding/brands/{brand_id}/templates List Message Templates
BrandingServiceTemplatesApi updateMessageTemplateById PUT /api/2/branding/brands/{brand_id}/templates/{template_id} Update Message Template
BrandingServiceTemplatesApi updateTemplateByLocale PUT /api/2/branding/brands/{brand_id}/templates/{template_type}/{locale} Update Template by Type & Locale
EventsApi getEventById GET /api/1/events/{event_id} Get Event by ID
EventsApi getEventTypes GET /api/1/events/types Get Event Types
EventsApi getEvents GET /api/1/events Get Events
GroupsApi getGroupById GET /api/1/groups/{group_id} Get Group by ID
GroupsApi getGroups GET /api/1/groups Get Groups
InviteLinksApi getInviteLink POST /api/1/invites/get_invite_link Generate Invite Link
InviteLinksApi sendInviteLink POST /api/1/invites/send_invite_link Send Invite Link
MultiFactorAuthenticationApi createDeviceVerification POST /api/2/mfa/users/{user_id}/verifications Create Device Verification
MultiFactorAuthenticationApi createFactorRegistration POST /api/2/mfa/users/{user_id}/registrations Create Factor Registration
MultiFactorAuthenticationApi deleteEnrolledFactor DELETE /api/2/mfa/users/{user_id}/devices/{device_id} Delete Enrolled Factor
MultiFactorAuthenticationApi generateOTP POST /api/2/mfa/users/{user_id}/mfa_token Generate MFA token
MultiFactorAuthenticationApi getAuthFactors GET /api/2/mfa/users/{user_id}/factors Get User Factors
MultiFactorAuthenticationApi getAuthenticationDevices GET /api/2/mfa/users/{user_id}/devices Get User Devices
MultiFactorAuthenticationApi getUserRegistration GET /api/2/mfa/users/{user_id}/registrations/{registration_id} Get User Registration
MultiFactorAuthenticationApi getUserVerification GET /api/2/mfa/users/{user_id}/verifications/{verification_id} Get User Verification
MultiFactorAuthenticationApi verifyUserRegistration PUT /api/2/mfa/users/{user_id}/registrations/{registration_id} Verify User Registration
MultiFactorAuthenticationApi verifyUserVerification PUT /api/2/mfa/users/{user_id}/verifications/{verification_id} Verify User Verification
MultiFactorAuthenticationV1Api activateMfaFactors POST /api/1/users/{user_id}/otp_devices/{device_id}/trigger Activate a Factor
MultiFactorAuthenticationV1Api enrollMfaFactor POST /api/1/users/{user_id}/otp_devices Enroll a Factor
MultiFactorAuthenticationV1Api generateMFAtoken POST /api/1/users/{user_id}/mfa_token Generate Temp MFA Token
MultiFactorAuthenticationV1Api getEnrolledFactors GET /api/1/users/{user_id}/otp_devices Get Enrolled Factors
MultiFactorAuthenticationV1Api getMFAFactors GET /api/1/users/{user_id}/auth_factor Get Available Factors
MultiFactorAuthenticationV1Api removeMfaFactors DELETE /api/1/users/{user_id}/otp_devices/{device_id} Remove an Enrolled Factor
MultiFactorAuthenticationV1Api verifyMfaFactor POST /api/1/users/{user_id}/otp_devices/{device_id}/verify Verify a Factor
OAuth2Api generateToken POST /auth/oauth2/v2/token Generate Token
OAuth2Api getRateLimit GET /auth/rate_limit Get Rate Limit
OAuth2Api revokeTokens POST /auth/oauth2/revoke Revoke Tokens
PrivilegesApi addPrivilegeToRole POST /api/1/privileges/{privilege_id}/roles Assign a Privilege to Roles
PrivilegesApi assignUsersToPrivilege POST /api/1/privileges/{privilege_id}/users Assign Users to a Privilege
PrivilegesApi createPrivilege POST /api/1/privileges Create a Privilege
PrivilegesApi deletePrivilege DELETE /api/1/privileges/{privilege_id} Delete a Privilege
PrivilegesApi deleteRoleFromPrivilege DELETE /api/1/privileges/{privilege_id}/roles/{role_id} Remove a Privilege from a Role
PrivilegesApi getAssignedUser GET /api/1/privileges/{privilege_id}/users Get Users assigned to a Privilege
PrivilegesApi getPrivilege GET /api/1/privileges/{privilege_id} Get a Privilege
PrivilegesApi listPrivilegeRoles GET /api/1/privileges/{privilege_id}/roles Get Roles assigned to Privilege
PrivilegesApi listPrivileges GET /api/1/privileges List Privileges
PrivilegesApi removeUserFromPrivilege DELETE /api/1/privileges/{privilege_id}/users/{user_id} Remove a Privilege from Users
PrivilegesApi updatePrivilege PUT /api/1/privileges/{privilege_id} Update a Privilege
RolesApi addRoleAdmins POST /api/2/roles/{role_id}/admins Add Role Admins
RolesApi addRoleUsers POST /api/2/roles/{role_id}/users Add Role Users
RolesApi createRole POST /api/2/roles Create Role
RolesApi deleteRole DELETE /api/2/roles/{role_id} Delete Role by ID
RolesApi getRole GET /api/2/roles/{role_id} Get Role by ID
RolesApi getRoleAdmins GET /api/2/roles/{role_id}/admins Get Role Admins
RolesApi getRoleApps GET /api/2/roles/{role_id}/apps Get all Apps assigned to Role
RolesApi getRoleById GET /api/1/roles/{role_id} Get Role by ID
RolesApi getRoleByName GET /api/1/roles Get Role by Name
RolesApi getRoleUsers GET /api/2/roles/{role_id}/users Get Role Users
RolesApi listRoles GET /api/2/roles List Roles
RolesApi removeRoleAdmins DELETE /api/2/roles/{role_id}/admins Remove Role Admins
RolesApi removeRoleUsers DELETE /api/2/roles/{role_id}/users Remove Role Users
RolesApi setRoleApps PUT /api/2/roles/{role_id}/apps Set Role Apps
RolesApi updateRole PUT /api/2/roles/{role_id} Update Role
SamlAssertionsApi generateSamlAssert POST /api/1/saml_assertion Generate SAML Assertion
SamlAssertionsApi generateSamlAssert2 POST /api/2/saml_assertion Generate SAML Assertion
SamlAssertionsApi verFactorSaml POST /api/1/saml_assertion/verify_factor Verify Factor SAML
SamlAssertionsApi verFactorSaml2 POST /api/2/saml_assertion/verify_factor Verify Factor SAML
SmartHooksApi createEnvironmentVariable POST /api/2/hooks/envs Create Environment Variable
SmartHooksApi createHook POST /api/2/hooks Create Smart Hook
SmartHooksApi deleteEnvironmentVariable DELETE /api/2/hooks/envs/{envvar_id} Delete Environment Variable
SmartHooksApi deleteHook DELETE /api/2/hooks/{hook_id} Delete Smart Hook by ID
SmartHooksApi getEnvironmentVariable GET /api/2/hooks/envs/{envvar_id} Get Environment Variable
SmartHooksApi getHook GET /api/2/hooks/{hook_id} Get Smart Hook by ID
SmartHooksApi getLogs GET /api/2/hooks/{hook_id}/logs Get Smart Hook Logs
SmartHooksApi listEnvironmentVariables GET /api/2/hooks/envs List Environment Variables
SmartHooksApi listHooks GET /api/2/hooks List all Smart Hooks
SmartHooksApi updateEnvironmentVariable PUT /api/2/hooks/envs/{envvar_id} Update Environment Variable
SmartHooksApi updateHook PUT /api/2/hooks/{hook_id} Update Smart Hook by ID
UserMappingsApi createMapping POST /api/2/mappings Create Mapping
UserMappingsApi deleteMapping DELETE /api/2/mappings/{mapping_id} Delete Mapping
UserMappingsApi getMapping GET /api/2/mappings/{mapping_id} Get Mapping
UserMappingsApi listMappingActionValues GET /api/2/mappings/actions/{mapping_action_value}/values List Actions Values
UserMappingsApi listMappingConditions GET /api/2/mappings/conditions List Conditions
UserMappingsApi listMappingConditionsOperators GET /api/2/mappings/conditions/{mapping_condition_value}/operators List Conditions Operators
UserMappingsApi listMappingContionValues GET /api/2/mappings/conditions/{mapping_condition_value}/values List Conditions Values
UserMappingsApi listMappings GET /api/2/mappings List Mappings
UserMappingsApi listMappingsActions GET /api/2/mappings/actions List Actions
UserMappingsApi sortMappings PUT /api/2/mappings/sort Bulk Sort
UserMappingsApi updateMapping PUT /api/2/mappings/{mapping_id} Update Mapping
UsersV1Api addRolesToUser PUT /api/1/users/{user_id}/add_roles Add Roles for a User
UsersV1Api createUser POST /api/1/users Create a User
UsersV1Api deleteUser DELETE /api/1/users/{user_id} Delete a User
UsersV1Api getCustomAttributes GET /api/1/users/custom_attributes Get Custom Attributes
UsersV1Api getUserApps GET /api/1/users/{user_id}/apps Get Apps for a User
UsersV1Api getUserById GET /api/1/users/{user_id} Get User by ID
UsersV1Api getUserRoles GET /api/1/users/{user_id}/roles Get Roles for a User
UsersV1Api listUsers GET /api/1/users List Users
UsersV1Api lockAccountUser PUT /api/1/users/{user_id}/lock_user Lock User Account
UsersV1Api logOutUser PUT /api/1/users/{user_id}/logout Log User Out
UsersV1Api removeUserRole PUT /api/1/users/{user_id}/remove_roles Remove Roles for a User
UsersV1Api setUserState PUT /api/1/users/{user_id}/set_state Set User State
UsersV1Api updatePasswordInsecure PUT /api/1/users/set_password_clear_text/{user_id} Set Password Using ID in Cleartext
UsersV1Api updatePasswordSecure PUT /api/1/users/set_password_using_salt/{user_id} Set Password Using ID and SHA-256 and Salt
UsersV1Api updateUser PUT /api/1/users/{user_id} Update a User
UsersV2Api createUser2 POST /api/2/users Create User
UsersV2Api deleteUser2 DELETE /api/2/users/{user_id} Delete User
UsersV2Api getUser2 GET /api/2/users/{user_id} Get User
UsersV2Api getUserApps2 GET /api/2/users/{user_id}/apps Get User Apps
UsersV2Api listUsers2 GET /api/2/users List Users
UsersV2Api updateUser2 PUT /api/2/users/{user_id} Update User
VigilanceAiApi createRiskRule POST /api/2/risk/rules Create Rule
VigilanceAiApi deleteRiskRule DELETE /api/2/risk/rules/{rule_id} Delete Rule
VigilanceAiApi getRiskRule GET /api/2/risk/rules/{rule_id} get Risk Rule
VigilanceAiApi getRiskScore POST /api/2/risk/verify Get a Risk Score
VigilanceAiApi getRiskScores GET /api/2/risk/scores Get Score Summary
VigilanceAiApi listRiskRules GET /api/2/risk/rules List Rules
VigilanceAiApi trackRiskEvent POST /api/2/risk/events Track an Event
VigilanceAiApi updateRiskRule PUT /api/2/risk/rules/{rule_id} Update Rule

Documentation for Models

Documentation for Authorization

Authentication schemes defined for the API:


  • Type: OAuth
  • Flow: application
  • Authorization URL:
  • Scopes:
    • Authentication Only: Gives the credential pair the ability to generate an access token that can perform POST calls only to authentication endpoints, providing least privileged access to authentication code. These endpoints include: - Verify Factor (SAML Assertion) - Generate SAML Assertion - Verify Factor (Login) - Create Session Login Token - Log User Out
    • Read Users: Gives the credential pair the ability to generate an access token that can perform GET calls available for the User, Role, and Group API resources.
    • Manage users: Gives the credential pair the ability to generate an access token that can perform GET, POST, PUT, and DELETE calls available for the User, Role, and Group API resources, with the exception of setting passwords and assigning and removing roles
    • Manage All: Gives the credential pair the ability to generate an access token that can perform GET, POST, PUT, and DELETE calls for all available API resources, including the ability to set passwords and assign and remove roles.
    • Read All: Gives the credential pair the ability to generate an access token that can perform GET calls available for all API resources.


  • Type: HTTP basic authentication


It's recommended to create an instance of ApiClient per thread in a multithreaded environment to avoid any potential issues.