Note that you are viewing Looker documentation. For Looker Studio documentation, visit https://support.google.com/looker-studio.

Get OIDC Test Configuration

Version 4.0.24.16

Get a OIDC test configuration by test_slug.

Calls to this endpoint may be denied by Looker (Google Cloud core).

Request

GET /oidc_test_configs/{test_slug}

Datatype

Description

Request

HTTP Request

path

HTTP Path

Expand HTTP Path definition...

test_slug

string

Slug of test config

Response

200: OIDC test config.

Datatype

Description

(object)

OIDCConfig

can

object

Operations the current user is able to perform on this object

alternate_email_login_allowed

boolean

Allow alternate email-based login via '/login/email' for admins and for specified users with the 'login_special_email' permission. This option is useful as a fallback during ldap setup, if ldap config problems occur later, or if you need to support some users who are not in your ldap directory. Looker email/password logins are always disabled for regular users when ldap is enabled.

audience

string

OpenID Provider Audience

auth_requires_role

boolean

Users will not be allowed to login at all unless a role for them is found in OIDC if set to true

authorization_endpoint

string

OpenID Provider Authorization Url

default_new_user_group_ids

string[]

default_new_user_groups

Group[]

Expand Group definition...

can

object

Operations the current user is able to perform on this object

can_add_to_content_metadata

boolean

Group can be used in content access controls

contains_current_user

boolean

Currently logged in user is group member

external_group_id

string

External Id group if embed group

externally_managed

boolean

Group membership controlled outside of Looker

string

Unique Id

include_by_default

boolean

New users are added to this group by default

name

string

Name of group

user_count

integer

Number of users included in this group

default_new_user_role_ids

string[]

default_new_user_roles

Role[]

Expand Role definition...

can

object

Operations the current user is able to perform on this object

string

Unique Id

name

string

Name of Role

permission_set

PermissionSet

(Read only) Permission set

Expand PermissionSet definition...

can

object

Operations the current user is able to perform on this object

all_access

boolean

built_in

boolean

string

Unique Id

name

string

Name of PermissionSet

permissions

string[]

url

string

Link to get this item

permission_set_id

string

(Write-Only) Id of permission set

model_set

ModelSet

(Read only) Model set

Expand ModelSet definition...

can

object

Operations the current user is able to perform on this object

all_access

boolean

built_in

boolean

string

Unique Id

models

string[]

name

string

Name of ModelSet

url

string

Link to get this item

model_set_id

string

(Write-Only) Id of model set

url

string

Link to get this item

users_url

string

Link to get list of users with this role

enabled

boolean

Enable/Disable OIDC authentication for the server

groups

OIDCGroupRead[]

Expand OIDCGroupRead definition...

string

Unique Id

looker_group_id

string

Unique Id of group in Looker

looker_group_name

string

Name of group in Looker

name

string

Name of group in OIDC

roles

Role[]

Expand Role definition...

can

object

Operations the current user is able to perform on this object

string

Unique Id

name

string

Name of Role

permission_set

PermissionSet

(Read only) Permission set

permission_set_id

string

(Write-Only) Id of permission set

model_set

ModelSet

(Read only) Model set

model_set_id

string

(Write-Only) Id of model set

url

string

Link to get this item

users_url

string

Link to get list of users with this role

groups_attribute

string

Name of user record attributes used to indicate groups. Used when 'groups_finder_type' is set to 'grouped_attribute_values'

groups_with_role_ids

OIDCGroupWrite[]

Expand OIDCGroupWrite definition...

string

Unique Id

looker_group_id

string

Unique Id of group in Looker

looker_group_name

string

Name of group in Looker

name

string

Name of group in OIDC

role_ids

string[]

identifier

string

Relying Party Identifier (provided by OpenID Provider)

issuer

string

OpenID Provider Issuer

modified_at

string

When this config was last modified

modified_by

string

User id of user who last modified this config

new_user_migration_types

string

Merge first-time oidc login to existing user account by email addresses. When a user logs in for the first time via oidc this option will connect this user into their existing account by finding the account with a matching email address by testing the given types of credentials for existing users. Otherwise a new user account will be created for the user. This list (if provided) must be a comma separated list of string like 'email,ldap,google'

scopes

string[]

secret

string

(Write-Only) Relying Party Secret (provided by OpenID Provider)

set_roles_from_groups

boolean

Set user roles in Looker based on groups from OIDC

test_slug

string

Slug to identify configurations that are created in order to run a OIDC config test

token_endpoint

string

OpenID Provider Token Url

user_attribute_map_email

string

Name of user record attributes used to indicate email address field

user_attribute_map_first_name

string

Name of user record attributes used to indicate first name

user_attribute_map_last_name

string

Name of user record attributes used to indicate last name

user_attributes

OIDCUserAttributeRead[]

Expand OIDCUserAttributeRead definition...

name

string

Name of User Attribute in OIDC

required

boolean

Required to be in OIDC assertion for login to be allowed to succeed

user_attributes

UserAttribute[]

Expand UserAttribute definition...

can

object

Operations the current user is able to perform on this object

string

Unique Id

name

string

Name of user attribute

label

string

Human-friendly label for user attribute

type

string

Type of user attribute ("string", "number", "datetime", "yesno", "zipcode", "advanced_filter_string", "advanced_filter_number")

default_value

string

Default value for when no value is set on the user

is_system

boolean

Attribute is a system default

is_permanent

boolean

Attribute is permanent and cannot be deleted

value_is_hidden

boolean

If true, users will not be able to view values of this attribute

user_can_view

boolean

Non-admin users can see the values of their attributes and use them in filters

user_can_edit

boolean

Users can change the value of this attribute for themselves

hidden_value_domain_whitelist

string

Destinations to which a hidden attribute may be sent. Once set, cannot be edited.

user_attributes_with_ids

OIDCUserAttributeWrite[]

Expand OIDCUserAttributeWrite definition...

name

string

Name of User Attribute in OIDC

required

boolean

Required to be in OIDC assertion for login to be allowed to succeed

user_attribute_ids

string[]

userinfo_endpoint

string

OpenID Provider User Information Url

allow_normal_group_membership

boolean

Allow OIDC auth'd users to be members of non-reflected Looker groups. If 'false', user will be removed from non-reflected groups on login.

allow_roles_from_normal_groups

boolean

OIDC auth'd users will inherit roles from non-reflected Looker groups.

allow_direct_roles

boolean

Allows roles to be directly assigned to OIDC auth'd users.

url

string

Link to get this item

403: Permission Denied

Datatype

Description

(object)

Error

message

string

Error details

documentation_url

string

Documentation link

404: Not Found

Datatype

Description

(object)

Error

message

string

Error details

documentation_url

string

Documentation link

429: Too Many Requests

Datatype

Description

(object)

Error

message

string

Error details

documentation_url

string

Documentation link