See api-docs Menu

Update Account Brand

Early Preview

This API is in early preview and may be subject to change. Please contact your account manager if you are interested in trying the Branding API.

Use this API to modify an existing Account Brand configuration.

This endpoint accepts a partial payload but only updates the provided values.








Resource URL

https://<subdomain>/api/2/branding/brands/:brand_id

Header Parameters

Authorization

required

string

Set to bearer <access_token>.

Set <access_token> to the access token you generated using the Generate Token API.

The access token must have been generated using an API credential pair created using the scope required to call this API. This API can be called using any one of the following scopes: Manage All.

In order to use the Branding API your API Credentials must be created after 21st October 2020.

Content-Type

required

string

Set to application/json.

Resource Parameter

brand_id

required

integer

Unique identifier for the branding object.

Request Parameters

name

required

string

Brand’s name for humans. This isn’t related to subdomains.

enabled

boolean

Indicates if the brand is enabled or not.(default=false)

custom_support_enabled

boolean

Indicates if the custom support is enabled. If enabled, the login page includes the ability to submit a support request.

custom_color

string

Primary brand color

custom_accent_color

string

Secondary brand color

custom_masking_color

string

Color for the masking layer above the background image of the branded login screen.

custom_masking_opacity

number

Opacity for the custom_masking_color.

enable_custom_label_for_login_screen

boolean

Indicates if the custom Username/Email field label is enabled or not.

custom_label_text_for_login_screen

string

Custom label for the Username/Email field on the login screen. See example here.

login_instruction_title

string

Link text to show login instruction screen.

login_instruction

string

Text for the login instruction screen, styled in Markdown.

hide_onelogin_footer

boolean

Indicates if the OneLogin footer will appear at the bottom of the login page.

mfa_enrollment_message

string

Text that replaces the default text displayed on the initial screen of the MFA Registration.

background

string

Base64 encoded image data (JPG/PNG, <5MB)

logo

string

Base64 encoded image data (PNG, <1MB)

Parameter Notes

  1. The background and logo parameters are both strings that contain the Base64 encoded (NOT Base64Url) data of a JPG or PNG image file (logo only accepts PNG). The size limits are < 5MB for the background and < 1MB for the logo. These limits apply only to the pre-encoded image, as the Base64 encoding a file increases the size of the data by 133%.

    For convenience you might want to use this tool for Base64 image conversion.

  2. Every payload parameter, except for name, is optional; therefore, a JSON object that only contains the name field can be passed to create a configuration with blank values. This is useful because when the login page accesses the branding and locates an app-level brand and a default account brand, any value not found in the app-level brand will be retrieved from the default brand instead.

  3. The only field with a default value is enabled (which is false). Other omitted values are saved as NULL, which lets an app-level brand act as a mask over the default brand.

Request Body

{
    "enabled": true,
    "name": "Acme Branding"
    "custom_support_enabled": false,
    "custom_color": "#1298b4",
    "custom_accent_color": "#b60012",
    "custom_masking_color": "#beefed",
    "custom_masking_opacity": 40,
    "enable_custom_label_for_login_screen": true,
    "custom_label_text_for_login_screen": "ACME Username or Email",
    "login_instruction_title": "ACME Login Instructions",
    "login_instruction": "To login, enter your ACME Username or Email. Reach out to help.desk@acme.org if you have trouble logging in.",
    "hide_onelogin_footer": true,
    "mfa_enrollment_message": "You must register with the OneLogin Protect app in order to login",
    "background": "/9j/4AAQSkZJRgAB...J3a+IvMu7D8T/9k=",
    "logo": "iVBORw0KGgoAAAAN...AABJRU5ErkJggg=="
}

Sample Responses

{
  "id": 9,
  "enabled": true,
  "custom_support_enabled": false,
  "custom_color": "#1298b4",
  "custom_accent_color": "#b60012",
  "custom_masking_color": "#beefed",
  "custom_masking_opacity": 40,
  "mfa_enrollment_message": "You must register with the OneLogin Protect app in order to login",
  "enable_custom_label_for_login_screen": true,
  "custom_label_text_for_login_screen": "ACME Username or Email",
  "login_instruction": "To login, enter your ACME Username or Email. Reach out to help.desk@acme.org if you have trouble logging in.",
  "login_instruction_title": "ACME Login Instructions",
  "hide_onelogin_footer": false,
  "background":
    { urls:
      { original:
  "https://cdn.onelogin.com/images/account_branding/account_background/original/9ada91a5d34b497f6f0b93934165f0c713ed3c2d.?1599165114",
              "login": 
  "https://cdn.onelogin.com/images/account_branding/account_background/login/a2011597bad264455796281b94471284c6919857.jpg?1599165114",
                 "branding":
  "https://cdn.onelogin.com/images/account_branding/account_background/branding/8547d161732776facb3d9127146c06a09aa63362.jpg?1599165114" },
             "file_size": 30338,       
             "updated_at": "2020-09-03T20:31:54.146Z",
             "content_type": "image/jpeg" },
          "logo":
            { "urls":
               { "original": 
  "https://cdn.onelogin.com/images/account_branding/account_logo/original/25506f4f5b795b39f8ab6ea8a6c85f78094941bf.?1599165114",
               "login":
  "https://cdn.onelogin.com/images/account_branding/account_logo/login/103d08ec5efb4ab204421f3dd15eddc973c8d0c5.png?1599165114",
                "navigation": 
  "https://cdn.onelogin.com/images/account_branding/account_logo/navigation/08fef613402a898832d215a3359b56e6d69ac232.png?1599165114" },
              "file_size": 4408,
              "updated_at": "2020-09-03T20:31:54.373Z",
              "content_type: "image/png" }
}

Typically, this error means that your Authorization header value is missing or incorrectly formatted. The Authorization header value should use this format: bearer:<access_token>.

{
    "message": "Unauthorized",
    "statusCode": 401,
    "name": "UnauthorizedError"
}

Indicates that the syntax of the request is good but a value supplied is not valid.

{
    "message": "Validation failed: The color string is malformed",
    "statusCode": 422,
    "name": "UnprocessableEntityError"
}

Postman Collection

Replace sample variables indicated by {{ }} with your actual values.

Download for the Branding API

Sample Code

cURL

Replace sample values indicated by < > with your actual values.

Update Account Brand

curl 'https://<subdomain>/api/2/branding/brands/:brand_id' \
-X PUT \
-H "Authorization: bearer <access_token>" \
-H "Content-Type: application/json" \
-d '{
    "custom_color": "#beeeef",
    "custom_accent_color": "#feeeeb",
    "enable_custom_label_for_login_screen": true,
    "custom_label_text_for_login_screen": "YOUR TRUE NAME"
}'

Have a Question?

Found a problem or a bug? Submit a support ticket.

Looking for walkthroughs or how-to guides on OneLogin's user and admin features? Check out the documentation in our Knowledge Base.

Have a product idea or request? Share it with us in our Ideas Portal.